On Thu, 02 Dec 2010 08:34:40 -1000, Debian security wrote: > Hello, > > ISC published new versions of their DNS server: bind. > This version is corrects bug and one security issue (classified as High) > that impacts the version shipped in Debian Lenny. > It has been published yeterday and I still can't see any update in the > security repository. > Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 > which correct the bugs? > > https://www.isc.org/software/bind/advisories/cve-2010-3613 > https://www.isc.org/software/bind/advisories/cve-2010-3614
This is the first I've heard of these issues. You can submit a bug report against bind9 to encourage the maintainer to start working on a fix for unstable and a backport for lenny. It would be even more helpful if you can extract the patches, apply them, and send a diff against the current packages. Mike -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101202140928.24213d1f.michael.s.gilb...@gmail.com