Bug/Vulnerability in `Dig' in latest dnsutils/bind9
muks at isc.org
Tue Oct 28 11:41:51 UTC 2014
On Tue, Oct 28, 2014 at 07:30:45PM +1100, Joshua Rogers wrote:
> I'm not sure if this is really severe enough for a CVE-ID or not, but
> let me know about it anyways.
This crashes out almost immediately after next is assigned -1, by
dereferencing *(-1) which is likely not mapped on any platform. So I
don't think it's a severe or exploitable bug. The crash is the only
A fix is in review now.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 2881 bytes
Desc: not available
More information about the bind-users