Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2012-5166: Specially crafted DNS data can cause a lockup in named

Related Vulnerabilities: CVE-2012-5166   cve-2012-5166  

Source

Debian Bug report logs - #690118
CVE-2012-5166: Specially crafted DNS data can cause a lockup in named

version graph

Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Source for bind9 is src:bind9 (PTS, buildd, popcon).

Reported by: Henri Salo <henri@nerv.fi>

Date: Wed, 10 Oct 2012 07:33:01 UTC

Severity: important

Tags: security

Found in version bind9/1:9.7.3.dfsg-1~squeeze7

Fixed in version 1:9.7.3.dfsg-1~squeeze8

Done: Bernhard Schmidt <berni@birkenwald.de>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, LaMont Jones <lamont@debian.org>:
Bug#690118; Package bind9. (Wed, 10 Oct 2012 07:33:04 GMT) (full text, mbox, link).

Acknowledgement sent to Henri Salo <henri@nerv.fi>:
New Bug report received and forwarded. Copy sent to LaMont Jones <lamont@debian.org>. (Wed, 10 Oct 2012 07:33:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Henri Salo <henri@nerv.fi>
To: submit@bugs.debian.org
Subject: CVE-2012-5166: Specially crafted DNS data can cause a lockup in named
Date: Wed, 10 Oct 2012 10:30:17 +0300
Package: bind9
Version: 1:9.7.3.dfsg-1~squeeze7
Severity: important
Tags: security

References:
https://www.isc.org/software/bind/advisories/cve-2012-5166
https://kb.isc.org/article/AA-00801

- Henri Salo

Reply sent to Bernhard Schmidt <berni@birkenwald.de>:
You have taken responsibility. (Sat, 27 Oct 2012 21:09:06 GMT) (full text, mbox, link).

Notification sent to Henri Salo <henri@nerv.fi>:
Bug acknowledged by developer. (Sat, 27 Oct 2012 21:09:06 GMT) (full text, mbox, link).

Message #10 received at 690118-done@bugs.debian.org (full text, mbox, reply):

From: Bernhard Schmidt <berni@birkenwald.de>
To: 690118-done@bugs.debian.org
Subject: Re: CVE-2012-5166: Specially crafted DNS data can cause a lockup in named
Date: Sat, 27 Oct 2012 23:06:11 +0200
Version: 1:9.7.3.dfsg-1~squeeze8

> References:
> https://www.isc.org/software/bind/advisories/cve-2012-5166
> https://kb.isc.org/article/AA-00801

This has been fixed for Squeeze in 1:9.7.3.dfsg-1~squeeze8

bind9 (1:9.7.3.dfsg-1~squeeze8) squeeze-security; urgency=high

   * Apply patch extracted from 9.7.6-P4 to fix CVE-2012-5166

 -- Florian Weimer <fw@deneb.enyo.de>  Sat, 20 Oct 2012 19:39:32 +0200 

The bug still affects Wheezy (#690142)

Bernhard

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 25 Nov 2012 07:26:06 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:19:52 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started