Two vulnerabilities were reported in BIND, a DNS server.
- CVE-2016-2775
The lwresd component in BIND (which is not enabled by default)
could crash while processing an overlong request name. This could
lead to a denial of service.
- CVE-2016-2776
A crafted query could crash the BIND name server daemon, leading
to a denial of service. All server roles (authoritative,
recursive and forwarding) in default configurations are
affected.
For the stable distribution (jessie), these problems have been fixed in
version 1:9.9.5.dfsg-9+deb8u7.
We recommend that you upgrade your bind9 packages.