Merge bind9 from Debian unstable for noble

Bug #2040359 reported by Bryce Harrington
Affects                    Status        Importance   Assigned to    Milestone
bind-dyndb-ldap (Ubuntu)   Fix Released  Undecided    Lena Voytek    ubuntu-24.01
bind9 (Ubuntu)             Fix Released  Undecided    Lena Voytek    ubuntu-24.01

Bug Description

Upstream: 9.18.19
Debian: 1:9.19.17-1
Ubuntu: 1:9.18.18-0ubuntu2

Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

### New Debian Changes ###

bind9 (1:9.19.17-1) unstable; urgency=medium

  * New upstream version 9.19.17
   - CVE-2023-3341: A stack exhaustion flaw in control channel code may
     cause named to terminate unexpectedly (Closes: #1052416)
   - CVE-2023-4236: named may terminate unexpectedly under high
     DNS-over-TLS query load (Closes: #1052417)

 -- Ondřej Surý <email address hidden> Wed, 20 Sep 2023 18:13:07 +0200

bind9 (1:9.19.16-1) experimental; urgency=medium

  * New upstream version 9.19.16

 -- Ondřej Surý <email address hidden> Wed, 16 Aug 2023 17:54:24 +0200

bind9 (1:9.19.15-1) experimental; urgency=medium

  * New upstream version 9.19.15

 -- Ondřej Surý <email address hidden> Wed, 19 Jul 2023 14:16:46 +0200

bind9 (1:9.19.14-1) experimental; urgency=medium

  * New upstream version 9.19.14

 -- Ondřej Surý <email address hidden> Wed, 21 Jun 2023 21:00:01 +0200

bind9 (1:9.19.13-1) experimental; urgency=medium

  * New upstream version 9.19.13

 -- Ondřej Surý <email address hidden> Wed, 17 May 2023 17:50:48 +0200

bind9 (1:9.19.12-2) experimental; urgency=medium

  * Add liburcu-dev to Build-Depends

 -- Ondřej Surý <email address hidden> Thu, 20 Apr 2023 14:24:06 +0200

bind9 (1:9.19.12-1) experimental; urgency=medium

  * New upstream version 9.19.12

 -- Ondřej Surý <email address hidden> Wed, 19 Apr 2023 15:01:59 +0200

bind9 (1:9.19.11-1) experimental; urgency=medium

  * New upstream version 9.19.11
  * Update the d/bind9-dev.install, d/bind9.install and d/not-installed
    after library squash

 -- Ondřej Surý <email address hidden> Wed, 15 Mar 2023 18:27:20 +0100

bind9 (1:9.19.10-1) experimental; urgency=medium

  * New upstream version 9.19.10
  * Drop libtool-bin from B-D (Closes: #1022968)

 -- Ondřej Surý <email address hidden> Fri, 10 Feb 2023 15:16:29 +0100

bind9 (1:9.19.9-2) experimental; urgency=medium

  * Allow named to use the systemd notify service

 -- Ondřej Surý <email address hidden> Thu, 26 Jan 2023 21:18:35 +0100

bind9 (1:9.19.9-1) experimental; urgency=medium

  * New upstream version 9.19.9

 -- Ondřej Surý <email address hidden> Wed, 25 Jan 2023 16:04:03 +0100

bind9 (1:9.19.8-1) experimental; urgency=medium

  * New upstream version 9.19.8

 -- Ondřej Surý <email address hidden> Wed, 21 Dec 2022 18:02:17 +0100

bind9 (1:9.19.7-1) experimental; urgency=medium

  * New upstream version 9.19.7

 -- Ondřej Surý <email address hidden> Wed, 16 Nov 2022 14:05:15 +0100

bind9 (1:9.19.6-2) experimental; urgency=medium

  * Use systemd notify for service readiness check (Closes: #994696)

 -- Bernhard Schmidt <email address hidden> Sun, 30 Oct 2022 00:14:05 +0200

bind9 (1:9.19.6-1) experimental; urgency=medium

  * New upstream version 9.19.6

 -- Ondřej Surý <email address hidden> Wed, 19 Oct 2022 15:06:31 +0200

bind9 (1:9.19.5-1) experimental; urgency=medium

  * New upstream version 9.19.5

### Old Ubuntu Delta ###

bind9 (1:9.18.18-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: DoS via recursive packet parsing
    - debian/patches/CVE-2023-3341.patch: add a max depth check to
      lib/isc/include/isc/result.h, lib/isc/result.c, lib/isccc/cc.c.
    - CVE-2023-3341
  * SECURITY UPDATE: DoS via DNS-over-TLS queries
    - debian/patches/CVE-2023-4236.patch: check return code in
      lib/isc/netmgr/tlsdns.c.
    - CVE-2023-4236

 -- Marc Deslauriers <email address hidden> Wed, 20 Sep 2023 12:45:21 -0400

bind9 (1:9.18.18-0ubuntu1) mantic; urgency=medium

  * New upstream release 9.18.18 (LP: #2034367)
    - Updates:
      + Mark a primary server as temporarily unreachable when a TCP connection
        response to an SOA query times out, matching behavior of a refused TCP
        connection.
      + Mark dialup and heartbeat-interval options as deprecated.
      + Retry DNS queries without an EDNS COOKIE when the first response is
        FORMERR with the EDNS COOKIE that was sent originally.
      + Use NS records for the relaxed QNAME minimization mode to reduce the
        number of queries from named.
    - Bug Fixes:
      + Fix assertion failure from processing already-queued queries while
        server is being reconfigured or cache is being flushed.
      + Fix failure to load zones containing resource records with a TTL value
        larger than 86400 seconds when dnssec-policy is set to insecure.
      + Fix the ability to read HMAC-MD5 key files (LP: #2015176).
      + Fix stability issues with the catalog zone implementation.
    - See https://bind9.readthedocs.io/en/v9.18.18/notes.html for additional
      information.

 -- Lena Voytek <email address hidden> Tue, 05 Sep 2023 13:20:06 -0700

bind9 (1:9.18.16-1ubuntu4) mantic; urgency=medium

  * d/t/dyndb-ldap: allow writing to the dns tree (LP: #2034250)

 -- Andreas Hasenack <email address hidden> Tue, 05 Sep 2023 10:20:27 -0300

bind9 (1:9.18.16-1ubuntu3) mantic; urgency=medium

  * d/t/control: exclude the i386 architecture for the dyndb-ldap test,
    since bind9-dyndb-ldap is not available there on Ubuntu
  * d/t/dyndb-ldap: fix for the ldap bind9 dn entry

 -- Andreas Hasenack <email address hidden> Wed, 30 Aug 2023 10:14:04 -0300

bind9 (1:9.18.16-1ubuntu2) mantic; urgency=medium

  * d/t/control, d/t/dyndb-ldap: add DEP8 test (LP: #2032650)

 -- Andreas Hasenack <email address hidden> Tue, 22 Aug 2023 09:24:02 -0300

bind9 (1:9.18.16-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018050). Remaining changes:
    - Don't build dnstap as it depends on universe packages:
      + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
        protobuf-c-compiler (universe packages)
      + d/dnsutils.install: don't install dnstap
      + d/rules: don't build dnstap nor install dnstap.proto
    - Add back apport:
      + d/bind9.apport: add back old bind9 apport hook, but without calling
        attach_conffiles() since that is already done by apport itself, with
        confirmation from the user.
      + d/control, d/rules: build-depends on dh-apport and use it
    - d/control: remove optional libjemalloc-dev Build-Depends as it is not in
      main.
    - d/NEWS: mention relevant packaging changes
    - Improve dep-8 test suite (LP: #2003584):
      + d/t/zonetest: Add dep8 test for checking the domain zone creation
        process
      + d/t/control: Add new test outline
  * Added Changes:
    - d/po/de.po: Fix German UTF-8 encoding
    - d/copyright: Fix lintian warnings
      + Remove the entry for lib/isc/hp.c lib/isc/include/isc/hp.h as they were
        deleted in 9.18.2
      + Remove the entry for lib/isc/include/pkcs11/pkcs11.h as it is no longer
        bundled as of 9.17.19
      + Update the location of random_test.c and add info about its public
        domain section
      + Add wildcards to folders as needed
      + Note that m4/ uses the FSFAP license
    - d/control: Remove lsb-base dependency as it is no longer needed
      + See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019851

 -- Lena Voytek <email address hidden> Mon, 26 Jun 2023 14:25:50 -0700

Bryce Harrington (bryce)
Changed in bind9 (Ubuntu):
milestone: none → ubuntu-24.01
Lena Voytek (lvoytek)
Changed in bind9 (Ubuntu):
assignee: nobody → Lena Voytek (lvoytek)
Lena Voytek (lvoytek)
Changed in bind9 (Ubuntu):
status: New → In Progress
Lena Voytek (lvoytek)
Changed in bind-dyndb-ldap (Ubuntu):
status: New → In Progress
assignee: nobody → Lena Voytek (lvoytek)
Timo Aaltonen (tjaalton) wrote :

Note that bind-dyndb-ldap does not support 9.19 yet

https://pagure.io/bind-dyndb-ldap/issue/222

but since 9.19 should become 9.20 in March, maybe upstream will fix it in time for noble release. But in the meantime b-d-l would have to be removed from noble until that happens.

Andreas Hasenack (ahasenack) wrote :

> Note that bind-dyndb-ldap does not support 9.19 yet

Good to know, thanks. We are sticking to 9.18.x for now, as that's upstream's current LTS branch.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind-dyndb-ldap - 11.10-6ubuntu4

---------------
bind-dyndb-ldap (11.10-6ubuntu4) noble; urgency=medium

  * No-change rebuild with bind9-libs 1:9.18.21-0ubuntu1 (LP: #2040359)

 -- Lena Voytek <email address hidden> Thu, 25 Jan 2024 15:10:49 -0700

Changed in bind-dyndb-ldap (Ubuntu):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind9 - 1:9.18.21-0ubuntu1

---------------
bind9 (1:9.18.21-0ubuntu1) noble; urgency=medium

  * New upstream release 9.18.21 (LP: #2040359)
    - Updates:
      + Update IP addresses for B.ROOT-SERVERS.NET to 170.247.170.2 and
        2801:1b8:10::b.
      + Honor nsupdate -v option when server command specified by sending both
        the UPDATE request and the initial query over TCP.
      + Mark cookie-algorithm aes as deprecated, use SipHash-2-4, instead.
      + Mark resolver-nonbackoff-tries and resolver-retry-interval as
        deprecated.
      + Mark dnssec-must-be-secure as deprecated.
    - Bug Fixes:
      + Do not schedule unsigned versions of inline-signed zones containing
        DNSSEC records for resigning.
      + Take local authoritative data into account when looking up stale cache
        data.
      + Fix use of named -X and lock-file at the same time.
      + Fix improper lock-file removal.
      + Fix bound checking in Content-Length header in the statistics channel.
      + Fix memory leaks from not clearing the OpenSSL error stack.
      + Fix SERVFAIL responses from introduction of krb5-subdomain-self-rhs and
        ms-subdomain-self-rhs update policies.
      + Fix stale-refresh-time feature being disabled by cache flush.
      + Fix DNS message corruption from partial writes.
    - See https://bind9.readthedocs.io/en/v9.18.21/notes.html for additional
      information
  * d/p/CVE-2023-3341.patch, d/p/CVE-2023-4236.patch: Remove - fixed by
    upstream in version 9.18.19
  * d/p/always-use-standard-library-stdatomic.patch: Maintain use of the
    standard library stdatomic.h

 -- Lena Voytek <email address hidden> Thu, 25 Jan 2024 08:37:15 -0700

Changed in bind9 (Ubuntu):
status: In Progress → Fix Released
Lena Voytek (lvoytek)
Changed in bind-dyndb-ldap (Ubuntu):
milestone: none → ubuntu-24.01
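The version strings tracked in this bug (Upstream 9.18.19, Debian 1:9.19.17-1, Ubuntu 1:9.18.18-0ubuntu2, and the final 1:9.18.21-0ubuntu1) are ordered by the dpkg version comparison rules, and the final upload dropped the two carried CVE patches because upstream fixed both CVEs in 9.18.19. Below is an added example, not code from the bug report or from the bind9 or Debian packaging: a Python port of those comparison rules (epoch first, then upstream version, then Debian revision; digit runs compared numerically; "~" sorting before everything) plus a helper that lists which carried patches a new upstream release makes redundant. The patch-to-fixed-version mapping is constructed from the changelog statement above, and all function names are my own. Note the caveat the example exercises: the bare "Upstream: 9.18.19" string carries no epoch, so compared as-is against the epoch-carrying Debian and Ubuntu strings it sorts lower; compare upstream parts against upstream parts.

```python
# Added example: dpkg-style version comparison and a "which CVE patches can be
# dropped after this upstream bump" check. Not code from the bug or from bind9.

def split_version(version):
    """Split 'epoch:upstream-revision' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in version:
        head, version = version.split(":", 1)
        epoch = int(head)
    upstream, sep, revision = version.rpartition("-")
    if not sep:                  # no Debian revision: native package or bare upstream version
        upstream, revision = revision, ""
    return epoch, upstream, revision


def _order(c):
    """dpkg's character weight for the non-digit parts of a version string."""
    if c == "~":
        return -1                # "~" sorts before anything, including the end of the string
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256          # punctuation sorts after letters


def _cmp_fragment(a, b):
    """Compare one upstream-version or revision fragment the way dpkg does."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run: compare character by character using _order().
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return -1 if ac < bc else 1
            i += 1
            j += 1
        # Digit run: drop leading zeros, then compare numerically.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        first_diff = 0
        while i < len(a) and j < len(b) and a[i].isdigit() and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():   # a has more digits left: larger number
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return -1 if first_diff < 0 else 1
    return 0


def compare_versions(a, b):
    """Return -1, 0 or 1 like `dpkg --compare-versions`: epoch, then upstream, then revision."""
    ea, ua, ra = split_version(a)
    eb, ub, rb = split_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)


def patches_to_drop(new_version, carried):
    """Names of carried patches whose upstream fix is contained in new_version.

    `carried` maps a patch file name to the first upstream version with the fix.
    Only the upstream part of new_version is compared, because fix versions carry
    neither an epoch nor a Debian revision.
    """
    new_upstream = split_version(new_version)[1]
    return [name for name, fixed_in in carried.items()
            if compare_versions(new_upstream, fixed_in) >= 0]


# Constructed from this bug's changelogs: both patches were removed in the
# 9.18.21 upload because upstream fixed the CVEs in 9.18.19.
CARRIED_PATCHES = {
    "CVE-2023-3341.patch": "9.18.19",
    "CVE-2023-4236.patch": "9.18.19",
}

if __name__ == "__main__":
    for old, new in [("1:9.18.18-0ubuntu2", "1:9.19.17-1"),
                     ("1:9.18.18-0ubuntu1", "1:9.18.18-0ubuntu2"),
                     ("9.18.19", "1:9.18.18-0ubuntu2")]:   # bare upstream vs epoch-carrying string
        print(old, "<" if compare_versions(old, new) < 0 else ">=", new)
    print("drop after 9.18.21:", patches_to_drop("1:9.18.21-0ubuntu1", CARRIED_PATCHES))
    print("drop after 9.18.18:", patches_to_drop("1:9.18.18-0ubuntu2", CARRIED_PATCHES))
```

The `patches_to_drop` check is the one to run before removing a `d/p/CVE-*.patch` in a merge: it only says a patch is redundant when the new upstream version is at or past the release that contains the fix, which is what the 9.18.21 changelog entry records for the two patches from the 0ubuntu2 security upload.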