—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

– ————————————————————————-
Debian Security Advisory DSA-3703-1 security@debian.org
https://www.debian.org/security/ Florian Weimer
November 01, 2016 https://www.debian.org/security/faq
– ————————————————————————-

Package : bind9
CVE ID : CVE-2016-8864
Debian Bug : 842858

Tony Finch and Marco Davids reported an assertion failure in BIND, a
DNS server implementation, which causes the server process to
terminate. This denial-of-service vulnerability is related to a
defect in the processing of responses with DNAME records from
authoritative servers and primarily affects recursive resolvers.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u8.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJYGReoAAoJEL97/wQC1SS+4RQH+wc73x8MRFd+jWShqFWzNbbG
BkKff8Q6yGvvJqOlwBBm7+je9r/NpeRPKkjzfOQlzw/vFzQw4KVVTzM/7FRJBoXR
AmfBjnl7LOmiqIlRxEMkJUhcnq5z3ATPqtgiz+es6/uQJXWFmufv7hrZ4Yh89EOP
c5uJpXipy4bhBMukovcs3qyLHCf5dKxiwW9i1XhV4uJueSWgyM80a+UoeHZgyBFi
lYSFPwFr7T1SjVZuzRX9HhbZhyS+YC5Kg6vqMpZ0iP5RS1ZbgFAQM91i9vxpZOh3
QopQ2TOaqwjVdKNA8JhpawHoTx4t+bbdH+T416cUQJwivyS2j7rT2iWVuFcpG1o=
=kaus
—–END PGP SIGNATURE—–