CVE-2017-3135

Priority
Medium
Description
Some configurations using both DNS64 and RPZ can lead to an INSIST assertion
failure or a NULL pointer read; in either case named will terminate.
Only servers which are configured to simultaneously use both Response Policy
Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records)
can be affected by this vulnerability.
References
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):released (1:9.8.1.dfsg.P1-4ubuntu0.21)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:9.9.5.dfsg-3ubuntu0.13)
Ubuntu Touch 15.04:needed
Ubuntu Core 15.04:needed
Ubuntu 16.04 LTS (Xenial Xerus):released (1:9.10.3.dfsg.P4-8ubuntu1.5)
Ubuntu 16.10 (Yakkety Yak):released (1:9.10.3.dfsg.P4-10.1ubuntu1.3)
Ubuntu 17.04 (Zesty Zapus):released (1:9.10.3.dfsg.P4-10.1ubuntu4)
More Information

Updated: 2017-02-17 14:14:24 UTC (commit 12108)