Debian 10260 Published by

Updated bind9 packages has been released for Debian 6 LTS



Package : bind9
Version : 1:9.7.3.dfsg-1~squeeze14
CVE ID : CVE-2015-1349
Debian Bug : 778733

Jan-Piet Mens discovered that the BIND DNS server would crash when
processing an invalid DNSSEC key rollover, either due to an error on
the zone operator's part, or due to interference with network traffic
by an attacker. This issue affects configurations with the directives
"dnssec-validation auto;" (as enabled in the Debian default
configuration) or "dnssec-lookaside auto;".