CVE-2017-3137

Priority
Medium
Description
A response packet can cause a resolver to terminate when
processing an answer containing a CNAME or DNAME
References
Notes
 sbeattie> in bind9 9.9 and earlier, with the bind9 patch
  for this issue applied, named will hit another assertion;
  to fix that requires the lib/dns/named.c change from
  https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=dc3912f3caac1104fef441fd18571b7a975708ea
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):released (1:9.10.3.dfsg.P4-10.1ubuntu5)
Ubuntu 12.04 ESM (Precise Pangolin):released (1:9.8.1.dfsg.P1-4ubuntu0.22)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:9.9.5.dfsg-3ubuntu0.14)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:9.10.3.dfsg.P4-8ubuntu1.6)
Ubuntu 17.04 (Zesty Zapus):released (1:9.10.3.dfsg.P4-10.1ubuntu5)
More Information

Updated: 2017-10-17 19:14:39 UTC (commit 13537)