Viewing all changes in revision 4.
- Committer: Bazaar Package Importer
- Date: 2006-09-07 14:03:41 UTC
- Revision ID: james.westby@ubuntu.com-20060907140341-7vqgxb48bd95xkxf
* SECURITY UPDATE:
* lib/dns/resolver.c: Ported upstream patch from 9.3.2-P1 (thanks to LaMont
Jones for doing that) to fix the following flaws:
- A remote user (DNS server) can send specially crafted RRset responses in
return to a recursive SIG query to cause the requesting named service to
crash [CVE-2006-4095].
- A remote user can also send specially crafted queries to trigger an
INSIST failure and cause the requesting service(s) to crash
[CVE-2006-4096].
* lib/dns/resolver.c: Ported upstream patch from 9.3.2-P1 (thanks to LaMont
Jones for doing that) to fix the following flaws:
- A remote user (DNS server) can send specially crafted RRset responses in
return to a recursive SIG query to cause the requesting named service to
crash [CVE-2006-4095].
- A remote user can also send specially crafted queries to trigger an
INSIST failure and cause the requesting service(s) to crash
[CVE-2006-4096].
- files modified:
- debian/changelog
expand all
collapse all
added
removed
