nion at alioth.debian.org
2009-Feb-09 18:05 UTC
[Secure-testing-commits] r11168 - data/CVE
Author: nion
Date: 2009-02-09 18:05:10 +0000 (Mon, 09 Feb 2009)
New Revision: 11168
Modified:
data/CVE/list
Log:
CVE-2009-0025 fixed in bind9 1:9.5.1.dfsg.P1-1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-02-09 09:14:20 UTC (rev 11167)
+++ data/CVE/list 2009-02-09 18:05:10 UTC (rev 11168)
@@ -1954,7 +1954,7 @@
NOT-FOR-US: Apache Jackrabbit
CVE-2009-0025 (BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly
check ...)
{DSA-1703-1}
- - bind9 <unfixed> (low; bug #511936)
+ - bind9 1:9.5.1.dfsg.P1-1 (low; bug #511936)
NOTE: unlike the advisory states it is DSA_do_verify not DSA_verify
NOTE: low severity because it is believed hard to trigger and only
NOTE: affects DNSSEC with DSA, which is supposedly rarely used.