Debian Information for VU#327633

BIND 8.4.4 and 8.4.5 vulnerable to buffer overflow in q_usedns



Vendor Statement

It seems that Debian stable is not vulnerable to either vulnerability
and Debian testing/unstable is only vulnerable to CAN-2005-033 (VU#327633).
The versions included are too old and the vulnerability does not seem to
be present in the older versions indeed.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.