[libbind9] [CVE-2008-0122] off-by-one error in the inet_network function

in 1:9.4.2-8, on the off chance that anyone in the world actually uses libbind9 to build packages on either linux distro.

Applications shipped in bind9 do not use this function, and no other applications link against bind9.

That should have read 'no other applications link against libbind9'.

This bug was fixed in the package bind9 - 1:9.4.2-9

---------------
bind9 (1:9.4.2-9) unstable; urgency=low

  * apparmor: allow subdirs in {/etc,/var/cache,/var/lib}/bind
  * apparmor: make profile match README.Debian

bind9 (1:9.4.2-8) unstable; urgency=low

  [ISC]

  * CVE-2008-0122: off by one error in (unused) inet_network function.
    Closes: #462783 LP: #203476

  [Michael Milligan]

  * Fix min-cache-ttl and min-ncache-ttl keywords

  [Jamie Strandboge]

  * apparmor: force complain-mode for apparmor on certain upgrades. LP: #203528
  * debian/bind9.postrm: purge /etc/apparmor.d/force-complain/usr.sbin.named

bind9 (1:9.4.2-7) unstable; urgency=low

  [Jamie Strandboge]

  * Allow rw access to /var/lib/bind/* in apparmor-profile. LP: #201954

  [LaMont Jones]

  * Drop root-delegation comments from named.conf. Closes: #217829, #297219

 -- LaMont Jones <email address hidden> Fri, 04 Apr 2008 11:44:26 +0100

Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for this release. Marking Edgy as Won't Fix.

Based on my previous comments, I am marking this bug as Won't Fix. It has negligible impact on Ubuntu.