On Fri, Mar 29, 2013 at 4:08 PM, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > > On 29.03.2013 15:01, Salvatore Bonaccorso wrote: > >> bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high >> . >> * Non-maintainer upload by the Security Team. >> * Fix cve-2012-5689: issue in nameservers using DNS64 to perform a AAAA >> lookup for a record with an A record overwrite rule in a Response >> Policy >> Zone (closes: #699145). >> > > fwiw, this issue isn't marked as RC currently. The bug log notes that > there wasn't a production quality patch available and instead the plan was > to document how to avoid the issue, which Moritz seemed happy with. What > changed?
A production-ready patch. > * Fix cve-2013-2266: issues in regular expression handling >> (closes: #704174). >> > > and that one appears to have been NMUed around four hours after it was > filed, which I'm not overjoyed about. > You're aware that this is easily exploited in the wild already? Best wishes, Mike