Comment 1 Thomas Deutschmann (RETIRED) 2018-01-17 10:28:13 UTC

CVE-2017-3145:
==============
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named.

Comment 2 Christian Ruppert (idl0r) 2018-01-22 16:34:41 UTC

bind as well as bind-tools 9.11.2-P2 has just been pushed.

Comment 3 Aaron Bauman (RETIRED) 2018-01-22 21:52:54 UTC

(In reply to Christian Ruppert (idl0r) from comment #2)
> bind as well as bind-tools 9.11.2-P2 has just been pushed.

Christian, I am not seeing it, after a fresh Git sync, in the repo.

Comment 4 Christian Ruppert (idl0r) 2018-01-22 22:05:11 UTC

(In reply to Aaron Bauman from comment #3)
> (In reply to Christian Ruppert (idl0r) from comment #2)
> > bind as well as bind-tools 9.11.2-P2 has just been pushed.
> 
> Christian, I am not seeing it, after a fresh Git sync, in the repo.

Oops, sorry, I meant 9.11.2-P1 of course - net-dns/bind-9.11.2_p1.

Comment 5 Aaron Bauman (RETIRED) 2018-01-23 00:28:53 UTC

Christian, thank you for clarifying and please let us know when you are ready to call for stable.

Comment 6 Christian Ruppert (idl0r) 2018-01-23 18:41:43 UTC

bind is running fine for me for about 24h now, If you want, proceed with the stabilization process but please for both, bind and bind-tools. Thanks!

Comment 7 Thomas Deutschmann (RETIRED) 2018-01-23 20:30:20 UTC

@ Arches,

please test and mark stable:

  net-dns/bind-tools-9.11.2_p1
  net-dns/bind-9.11.2_p1

Comment 8 Agostino Sarubbo 2018-01-24 22:48:40 UTC

amd64 stable

Comment 9 Thomas Deutschmann (RETIRED) 2018-01-26 18:21:29 UTC

x86 stable

Comment 10 Sergei Trofimovich (RETIRED) 2018-01-28 22:30:51 UTC

ia64 stable

Comment 11 Sergei Trofimovich (RETIRED) 2018-01-28 23:00:24 UTC

ppc stable

Comment 12 Markus Meier 2018-02-05 21:24:22 UTC

arm stable

Comment 13 Sergei Trofimovich (RETIRED) 2018-02-05 21:58:20 UTC

hppa stable

Comment 14 Mart Raudsepp 2018-03-03 14:29:03 UTC

arm64 doesn't have stable keywords on these, please pay attention what arches you CC

Comment 15 Tobias Klausmann (RETIRED) 2018-03-04 16:24:12 UTC

Stable on alpha.

Comment 16 Matt Turner 2018-03-12 01:55:01 UTC

ppc64 done. last arch done

Comment 17 Christopher Díaz Riveros (RETIRED) 2018-03-12 17:57:02 UTC

@Maintainers please clean tree from vulnerable versions.

GLSA Vote: No.

Comment 18 Aaron Bauman (RETIRED) 2018-03-24 00:27:20 UTC

tree is clean

Comment 19 Larry the Git Cow 2018-05-08 06:23:58 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8319e0fede99aa4bf599860eeac1a5bcf4ea729d

commit 8319e0fede99aa4bf599860eeac1a5bcf4ea729d
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-05-08 05:50:18 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-05-08 06:23:27 +0000

    net-dns/bind: stable 9.11.2_p1 for sparc
    
    Bug: https://bugs.gentoo.org/644706
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 net-dns/bind/bind-9.11.2_p1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b57e16c0207aeb8b8ae924c8f7b342eb1c94db6f

commit b57e16c0207aeb8b8ae924c8f7b342eb1c94db6f
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-05-08 05:49:42 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-05-08 06:23:27 +0000

    net-dns/bind-tools: stable 9.11.2_p1 for sparc
    
    Bug: https://bugs.gentoo.org/644706
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 net-dns/bind-tools/bind-tools-9.11.2_p1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)