Ubuntu
bind9 package

bind9 1:9.10.3.dfsg.P4-12.5ubuntu1 source package in Ubuntu

Changelog

bind9 (1:9.10.3.dfsg.P4-12.5ubuntu1) artful; urgency=medium

  * Merge with Debian unstable (LP: #1701687). Remaining changes:
    - Add RemainAfterExit to bind9-resolvconf unit configuration file
      (LP #1536181).
    - rules: Fix path to libsofthsm2.so. (LP #1685780)
  * Drop:
    - SECURITY UPDATE: denial of service via assertion failure
      + debian/patches/CVE-2016-2776.patch: properly handle lengths in
        lib/dns/message.c.
      + CVE-2016-2776
      + [Fixed in Debian 1:9.10.3.dfsg.P4-11]
    - SECURITY UPDATE: assertion failure via class mismatch
      + debian/patches/CVE-2016-9131.patch: properly handle certain TKEY
        records in lib/dns/resolver.c.
      + CVE-2016-9131
      + [Fixed in Debian 1:9.10.3.dfsg.P4-11]
    - SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
      + debian/patches/CVE-2016-9147.patch: fix logic when records are
        returned without the requested data in lib/dns/resolver.c.
      + CVE-2016-9147
      + [Fixed in Debian 1:9.10.3.dfsg.P4-11]
    - SECURITY UPDATE: assertion failure via unusually-formed DS record
      + debian/patches/CVE-2016-9444.patch: handle missing RRSIGs in
        lib/dns/message.c, lib/dns/resolver.c.
      + CVE-2016-9444
      + [Fixed in Debian 1:9.10.3.dfsg.P4-11]
    - SECURITY UPDATE: regression in CVE-2016-8864
      + debian/patches/rt43779.patch: properly handle CNAME -> DNAME in
        responses in lib/dns/resolver.c, added tests to
        bin/tests/system/dname/ns2/example.db,
        bin/tests/system/dname/tests.sh.
      + No CVE number
      + [Fixed in Debian 1:9.10.3.dfsg.P4-11 and 1:9.10.3.dfsg.P4-12]
    - SECURITY UPDATE: Combining dns64 and rpz can result in dereferencing
      a NULL pointer
      + debian/patches/CVE-2017-3135.patch: properly handle dns64 and rpz
        combination in bin/named/query.c, lib/dns/message.c,
        lib/dns/rdataset.c.
      + CVE-2017-3135
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12]
    - SECURITY UPDATE: regression in CVE-2016-8864
      + debian/patches/rt44318.patch: synthesised CNAME before matching DNAME
        was still being cached when it should have been in lib/dns/resolver.c,
        added tests to bin/tests/system/dname/ans3/ans.pl,
        bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh.
      + No CVE number
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12]
    - SECURITY UPDATE: Denial of Service due to an error handling
      synthesized records when using DNS64 with "break-dnssec yes;"
      + debian/patches/CVE-2017-3136.patch: reset noqname if query_dns64()
        called.
      + CVE-2017-3136
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12.3]
    - SECURITY UPDATE: Denial of Service due to resolver terminating when
      processing a response packet containing a CNAME or DNAME
      + debian/patches/CVE-2017-3137.patch: don't expect a specific
        ordering of answer components; add testcases.
      + CVE-2017-3137
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12.3 with 3 patch files]
    - SECURITY UPDATE: Denial of Service when receiving a null command on
      the control channel
      + debian/patches/CVE-2017-3138.patch: don't throw an assert if no
        command token is given; add testcase.
      + CVE-2017-3138
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12.3]
    - SECURITY UPDATE: TSIG authentication issues
      + debian/patches/CVE-2017-3042,3043.patch: fix TSIG logic in
        lib/dns/dnssec.c, lib/dns/message.c, lib/dns/tsig.c.
      + CVE-2017-3142
      + CVE-2017-3143
      + [Fixed in Debian 1:9.10.3.dfsg.P4-12.4]
  * d/p/CVE-2016-8864-regression-test.patch: tests for the regression
    introduced with the CVE-2016-8864.patch and fixed in
    CVE-2016-8864-regression.patch.
  * d/p/CVE-2016-8864-regression2-test.patch: tests for the second
    regression (RT #44318) introduced with the CVE-2016-8864.patch
    and fixed in CVE-2016-8864-regression2.patch.
  * d/control, d/rules: add json support for the statistics channels.
    (LP: #1669193)

 -- Andreas Hasenack <email address hidden>  Fri, 11 Aug 2017 17:12:09 -0300

Upload details

Uploaded by:
Andreas Hasenack
Sponsored by:
Nish Aravamudan
Uploaded to:
Artful
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
bind9_9.10.3.dfsg.P4.orig.tar.gz 8.2 MiB 895077c868d06eea39c1526624f2278a3b51a3358b5aa50f48a0f1c16a7ab6e6
bind9_9.10.3.dfsg.P4-12.5ubuntu1.debian.tar.xz 87.6 KiB fc811c7ce7299ce9230ed580ba114b20fd2e2b6eb5ebe932ce660faba45d4ad2
bind9_9.10.3.dfsg.P4-12.5ubuntu1.dsc 3.5 KiB 6e42852d4621fcb4717c4a4e5fef27b36b0c2fde8c449811e92535881ad6c597

View changes file

Binary packages built by this source

bind9: No summary available for bind9 in ubuntu artful.

No description available for bind9 in ubuntu artful.

bind9-dbgsym: No summary available for bind9-dbgsym in ubuntu artful.

No description available for bind9-dbgsym in ubuntu artful.

bind9-doc: No summary available for bind9-doc in ubuntu artful.

No description available for bind9-doc in ubuntu artful.

bind9-host: No summary available for bind9-host in ubuntu artful.

No description available for bind9-host in ubuntu artful.

bind9-host-dbgsym: No summary available for bind9-host-dbgsym in ubuntu artful.

No description available for bind9-host-dbgsym in ubuntu artful.

bind9utils: No summary available for bind9utils in ubuntu artful.

No description available for bind9utils in ubuntu artful.

bind9utils-dbgsym: No summary available for bind9utils-dbgsym in ubuntu artful.

No description available for bind9utils-dbgsym in ubuntu artful.

dnsutils: No summary available for dnsutils in ubuntu artful.

No description available for dnsutils in ubuntu artful.

dnsutils-dbgsym: No summary available for dnsutils-dbgsym in ubuntu artful.

No description available for dnsutils-dbgsym in ubuntu artful.

host: No summary available for host in ubuntu artful.

No description available for host in ubuntu artful.

libbind-dev: No summary available for libbind-dev in ubuntu artful.

No description available for libbind-dev in ubuntu artful.

libbind-export-dev: No summary available for libbind-export-dev in ubuntu artful.

No description available for libbind-export-dev in ubuntu artful.

libbind9-140: No summary available for libbind9-140 in ubuntu artful.

No description available for libbind9-140 in ubuntu artful.

libbind9-140-dbgsym: No summary available for libbind9-140-dbgsym in ubuntu artful.

No description available for libbind9-140-dbgsym in ubuntu artful.

libdns-export162: No summary available for libdns-export162 in ubuntu artful.

No description available for libdns-export162 in ubuntu artful.

libdns-export162-dbgsym: No summary available for libdns-export162-dbgsym in ubuntu artful.

No description available for libdns-export162-dbgsym in ubuntu artful.

libdns-export162-udeb: No summary available for libdns-export162-udeb in ubuntu artful.

No description available for libdns-export162-udeb in ubuntu artful.

libdns162: No summary available for libdns162 in ubuntu artful.

No description available for libdns162 in ubuntu artful.

libdns162-dbgsym: No summary available for libdns162-dbgsym in ubuntu artful.

No description available for libdns162-dbgsym in ubuntu artful.

libirs-export141: No summary available for libirs-export141 in ubuntu artful.

No description available for libirs-export141 in ubuntu artful.

libirs-export141-dbgsym: No summary available for libirs-export141-dbgsym in ubuntu artful.

No description available for libirs-export141-dbgsym in ubuntu artful.

libirs-export141-udeb: No summary available for libirs-export141-udeb in ubuntu artful.

No description available for libirs-export141-udeb in ubuntu artful.

libirs141: No summary available for libirs141 in ubuntu artful.

No description available for libirs141 in ubuntu artful.

libirs141-dbgsym: No summary available for libirs141-dbgsym in ubuntu artful.

No description available for libirs141-dbgsym in ubuntu artful.

libisc-export160: No summary available for libisc-export160 in ubuntu artful.

No description available for libisc-export160 in ubuntu artful.

libisc-export160-dbgsym: No summary available for libisc-export160-dbgsym in ubuntu artful.

No description available for libisc-export160-dbgsym in ubuntu artful.

libisc-export160-udeb: No summary available for libisc-export160-udeb in ubuntu artful.

No description available for libisc-export160-udeb in ubuntu artful.

libisc160: No summary available for libisc160 in ubuntu artful.

No description available for libisc160 in ubuntu artful.

libisc160-dbgsym: No summary available for libisc160-dbgsym in ubuntu artful.

No description available for libisc160-dbgsym in ubuntu artful.

libisccc-export140: No summary available for libisccc-export140 in ubuntu artful.

No description available for libisccc-export140 in ubuntu artful.

libisccc-export140-dbgsym: No summary available for libisccc-export140-dbgsym in ubuntu artful.

No description available for libisccc-export140-dbgsym in ubuntu artful.

libisccc-export140-udeb: No summary available for libisccc-export140-udeb in ubuntu artful.

No description available for libisccc-export140-udeb in ubuntu artful.

libisccc140: No summary available for libisccc140 in ubuntu artful.

No description available for libisccc140 in ubuntu artful.

libisccc140-dbgsym: No summary available for libisccc140-dbgsym in ubuntu artful.

No description available for libisccc140-dbgsym in ubuntu artful.

libisccfg-export140: No summary available for libisccfg-export140 in ubuntu artful.

No description available for libisccfg-export140 in ubuntu artful.

libisccfg-export140-dbgsym: No summary available for libisccfg-export140-dbgsym in ubuntu artful.

No description available for libisccfg-export140-dbgsym in ubuntu artful.

libisccfg-export140-udeb: No summary available for libisccfg-export140-udeb in ubuntu artful.

No description available for libisccfg-export140-udeb in ubuntu artful.

libisccfg140: No summary available for libisccfg140 in ubuntu artful.

No description available for libisccfg140 in ubuntu artful.

libisccfg140-dbgsym: No summary available for libisccfg140-dbgsym in ubuntu artful.

No description available for libisccfg140-dbgsym in ubuntu artful.

liblwres141: No summary available for liblwres141 in ubuntu artful.

No description available for liblwres141 in ubuntu artful.

liblwres141-dbgsym: No summary available for liblwres141-dbgsym in ubuntu artful.

No description available for liblwres141-dbgsym in ubuntu artful.

lwresd: No summary available for lwresd in ubuntu artful.

No description available for lwresd in ubuntu artful.

lwresd-dbgsym: No summary available for lwresd-dbgsym in ubuntu artful.

No description available for lwresd-dbgsym in ubuntu artful.