Hi everybody, I uploaded version 9.8.4.dfsg.P1-6+nmu2+deb7u16 of bind9 to:
https://people.debian.org/~alteholz/packages/wheezy-lts/bind9/amd64/ Please give it a try and tell me about any problems you met. Thanks! Thorsten * Dns64 with "break-dnssec yes;" can result in a assertion failure. (CVE-2017-3136) * Prerequisite for CVE-2017-3137 cherry-picked from upstream change #4190. If not cherry-picking this change the fix for CVE-2017-3137 can cause an assertion failure to appear in name.c. * Some chaining (CNAME or DNAME) responses to upstream queries could trigger assertion failures (CVE-2017-3137) * Reimplement: Some chaining (CNAME or DNAME) responses to upstream queries could trigger assertion failures. (CVE-2017-3137) * Fix regression introduced when handling CNAME to referral below the current domain * 'rndc ""' could trigger a assertion failure in named. (CVE-2017-3138)
