Debian 10225 Published by

The following two updates are available for Debian 6.0 LTS:

[DLA 47-1] lua5.1 security update
[DLA 48-1] bind9 security update



[DLA 47-1] lua5.1 security update

Package : lua5.1
Version : 5.1.4-5+deb6u1
CVE ID : CVE-2014-5461

Fix stack overflow in vararg functions.

[DLA 48-1] bind9 security update

Package : bind9
Version : 9.7.3.dfsg-1~squeeze12
CVE ID : CVE-2014-0591
Debian Bug : 735190

Fix denial of service attack when processing NSEC3-signed zone
queries, fixed by not calling memcpy with overlapping ranges in
bin/named/query.c. - patch backported from 9.8.6-P2 by Marc Deslauriers
from the Ubuntu Security team for USN-2081-1.