DSA-3904-2 bind9 -- bind9| ID: oval:org.secpod.oval:def:603017 | Date: (C)2017-08-01 (M)2023-02-13 |
| Class: PATCH | Family: unix |
The security update announced as DSA-3904-1 in bind9 introduced a regression. The fix for CVE-2017-3142 broke verification of TSIG signed TCP message sequences where not all the messages contain TSIG records. This is conform to the spec and may be used in AXFR and IXFR response.
| Platform: |
| Debian 8.x |
| Debian 9.x |
| Product: |
| bind9 |
| libbind-export-dev |
| libisccc140 |
| host |
| libisc160 |
| libisccfg140 |
| libdns162 |
| dnsutils |
| libbind-dev |
| libdns-export162 |
| liblwres141 |
| libbind9-140 |
| libirs-export141 |
| libisccc-export140 |
| libisccfg-export140 |
| libirs141 |
| libisc-export160 |
| lwresd |
