apticron report [Wed, 11 Jan 2017 23:38:21 +0100] ======================================================================== apticron has detected that some packages need upgrading on: quigon.federez.net [ 160.228.155.65 ] The following packages are currently pending an upgrade: bind9 1:9.9.5.dfsg-9+deb8u9 bind9-host 1:9.9.5.dfsg-9+deb8u9 bind9utils 1:9.9.5.dfsg-9+deb8u9 dnsutils 1:9.9.5.dfsg-9+deb8u9 libbind9-90 1:9.9.5.dfsg-9+deb8u9 libdns100 1:9.9.5.dfsg-9+deb8u9 libdns-export100 1:9.9.5.dfsg-9+deb8u9 libirs-export91 1:9.9.5.dfsg-9+deb8u9 libisc95 1:9.9.5.dfsg-9+deb8u9 libisccc90 1:9.9.5.dfsg-9+deb8u9 libisccfg90 1:9.9.5.dfsg-9+deb8u9 libisccfg-export90 1:9.9.5.dfsg-9+deb8u9 libisc-export95 1:9.9.5.dfsg-9+deb8u9 liblwres90 1:9.9.5.dfsg-9+deb8u9 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour bind9 (bind9 bind9-host bind9utils dnsutils libbind9-90 libdns100 libdns-export100 libirs-export91 libisc95 libisccc90 libisccfg90 libisccfg-export90 libisc-export95 liblwres90) --- bind9 (1:9.9.5.dfsg-9+deb8u9) jessie-security; urgency=medium * Apply patches from ISC. * CVE-2016-9131: Assertion failure related to caching of TKEY records in upstream DNS responses. * CVE-2016-9147: Processing of RRSIG records in upstream DNS response without corresponding signed data could lead to an assertion failure. * CVE-2016-9444: Missing RRSIG records in the authority section of upstream responses could lead to an assertion failure. * RT #43779: Fix handling of CNAME/DNAME responses. (Regression due to the CVE-2016-8864 fix.) -- Florian Weimer <fw(a)deneb.enyo.de> Wed, 11 Jan 2017 11:50:31 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on quigon.federez.net -- apticron