DEBIAN-CVE-2017-3137

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/DEBIAN-CVE-2017-3137
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2017-3137.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2017-3137
Upstream
Published
2019-01-16T20:29:00Z
Modified
2025-09-19T06:10:44Z
Summary
[none]
Details

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.

References

Affected packages

Debian:11 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-12.3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-12.3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-12.3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-12.3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}