Security Information / 2015 / Security Information -- DSA-3350-1 bind9

Debian Security Advisory

DSA-3350-1 bind9 -- security update

Date Reported:

02 Sep 2015

Affected Packages:

bind9

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2015-5722.

More information:

Hanno Boeck discovered that incorrect validation of DNSSEC-signed records in the Bind DNS server could result in denial of service.

Updates for the oldstable distribution (wheezy) will be released shortly.

For the stable distribution (jessie), this problem has been fixed in version 9.9.5.dfsg-9+deb8u3.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your bind9 packages.