-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3304-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 07, 2015                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2015-4620

Breno Silveira Soares of Servico Federal de Processamento de Dados
(SERPRO) discovered that the BIND DNS server is prone to a denial of
service vulnerability. A remote attacker who can cause a validating
resolver to query a zone containing specifically constructed contents
can cause the resolver to terminate with an assertion failure, resulting
in a denial of service to clients relying on the resolver.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u5.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u1.

For the testing distribution (stretch) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVnC4OAAoJEAVMuPMTQ89Eo5oP/0x57OE+nwBjh97eZQ82UMDx
yIqckbRbbdO/NViH4kRepweXbm5I+p+p5YNKgwMlJmOSjq5GjIzeSdwQxIWseDv4
mFg34xOxn+PPIhr5n24niXZJAgfPnYhyCpWUbFT8itF5Z8XxYtmp9fws/zDkaLAK
5ay1IGJUxnSoCGviC/HsmfQHVS5mgU2LiL+l+Q6WOgxTRP4KxWlStAM7iDeJfgX6
y6zA2Z7LNjbAvnzW82W2mzLjwDSwjoHpINawPmFVw6yC1zPCI3+Hr0XIx5W0YX7o
9KckGgnuASgWE6B9WxL4418uH9rrw88b7TDf5Z4VfY2dKgonPrEmzvSvaBzmkDwx
FtdwuBWstSAJy6MUnGD40dMzkwzKZygh2KJbS5EFxozQ0i2gbWR/pvrvYY4G485R
Cj2kgH+hiTl87j33SqD3izWcsNsR1c++z7ifDfi0tURs4GAXJQrf8Bd4chSGj4Gl
s2oZWjc/NlM9JEuHYICKGUuXxBjCdXATJIEm8zfqkhPgZ+0FnUPtfRI9ONurnMHy
DAlnRKDtl+z6pTQ3pdYlslSU7MIIptMm+3pumLOzD8SXON2rvEkuiMhpRzxwDwfL
o3lT+OcrO2JlTSoBhf01XEBSw1ciY94yGdbn71gKYsYtLOX4GFV2hd/qR6K8Lp10
lIYiePafZF2a61n5J5FM
=UeRx
-----END PGP SIGNATURE-----