Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

bind9: CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c

Related Vulnerabilities: CVE-2015-8704  

Source

Debian Bug report logs - #812077
bind9: CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c

version graph

Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>;

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Wed, 20 Jan 2016 09:36:02 UTC

Severity: serious

Tags: fixed-upstream, security, upstream

Found in version bind9/1:9.7.3.dfsg-1

Fixed in versions bind9/1:9.8.4.dfsg.P1-6+nmu2+deb7u9, bind9/1:9.7.3.dfsg-1~squeeze19, bind9/1:9.10.3.dfsg.P2-3, bind9/1:9.9.5.dfsg-9+deb8u5

Done: Michael Gilbert <mgilbert@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, LaMont Jones <lamont@debian.org>:
Bug#812077; Package src:bind9. (Wed, 20 Jan 2016 09:36:07 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, LaMont Jones <lamont@debian.org>. (Wed, 20 Jan 2016 09:36:07 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bind9: CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c
Date: Wed, 20 Jan 2016 10:33:47 +0100
Source: bind9
Version: 1:9.7.3.dfsg-1
Severity: serious
Tags: security upstream fixed-upstream

Hi,

(Marking as RC, since fixes are in stable already and need to go to
stretch as well).

the following vulnerability was published for bind9.

CVE-2015-8704[0]:
Specific APL data could trigger an INSIST in apl_42.c

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-8704

Regards,
Salvatore

Marked as fixed in versions bind9/1:9.7.3.dfsg-1~squeeze19. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 20 Jan 2016 09:42:08 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.8.4.dfsg.P1-6+nmu2+deb7u9. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 20 Jan 2016 09:42:09 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.9.5.dfsg-9+deb8u5. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 20 Jan 2016 09:42:10 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.10.3.dfsg.P2-3. Request was from LaMont Jones <lamont@debian.org> to control@bugs.debian.org. (Fri, 19 Feb 2016 16:42:15 GMT) (full text, mbox, link).

Reply sent to Michael Gilbert <mgilbert@debian.org>:
You have taken responsibility. (Tue, 05 Apr 2016 02:51:04 GMT) (full text, mbox, link).

Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Tue, 05 Apr 2016 02:51:04 GMT) (full text, mbox, link).

Message #18 received at 812077-close@bugs.debian.org (full text, mbox, reply):

From: Michael Gilbert <mgilbert@debian.org>
To: 812077-close@bugs.debian.org
Date: Mon, 4 Apr 2016 22:49:33 -0400

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 03 May 2016 07:35:26 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:02:54 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started