Change log for bind9 package in Debian
| 1 → 75 of 234 results | First • Previous • Next • Last |
| Published in sid-release |
bind9 (1:9.19.21-1) unstable; urgency=high
[ Helmut Grohne ]
* Drop unused Build-Depends: python3. (Closes: #1063448)
[ Ondřej Surý ]
* New upstream version 9.19.21
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
load
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
failure when "nxdomain-redirect" is enabled
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
assertion failure during recursive resolution
- CVE-2023-6516: Specific recursive query patterns may lead to an
out-of-memory condition
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
CPU resources
-- Ondřej Surý <email address hidden> Mon, 12 Feb 2024 17:04:19 +0100
| Superseded in sid-release |
bind9 (1:9.19.19-1) unstable; urgency=medium [ Ondřej Surý ] * New upstream version 9.19.19 [ Bernhard Schmidt ] * Sync 9.18 to 9.19 (Closes: #1056984) -- Ondřej Surý <email address hidden> Wed, 20 Dec 2023 17:01:32 +0100
| Published in bullseye-release |
bind9 (1:9.16.44-1~deb11u1) bullseye-security; urgency=high
* New upstream version 9.16.44
- CVE-2023-3341: A stack exhaustion flaw in control channel code may
cause named to terminate unexpectedly
-- Ondřej Surý <email address hidden> Thu, 21 Sep 2023 19:30:52 +0200
| Published in bookworm-release |
bind9 (1:9.18.19-1~deb12u1) bookworm-security; urgency=high
* New upstream version 9.18.19
- CVE-2023-3341: A stack exhaustion flaw in control channel code may
cause named to terminate unexpectedly
- CVE-2023-4236: named may terminate unexpectedly under high
DNS-over-TLS query load
-- Ondřej Surý <email address hidden> Thu, 21 Sep 2023 19:33:58 +0200
| Superseded in sid-release |
bind9 (1:9.19.17-1) unstable; urgency=medium
* New upstream version 9.19.17
- CVE-2023-3341: A stack exhaustion flaw in control channel code may
cause named to terminate unexpectedly (Closes: #1052416)
- CVE-2023-4236: named may terminate unexpectedly under high
DNS-over-TLS query load (Closes: #1052417)
-- Ondřej Surý <email address hidden> Wed, 20 Sep 2023 18:13:07 +0200
| Superseded in bookworm-release |
bind9 (1:9.18.16-1~deb12u1) bookworm-security; urgency=high
* New upstream version 9.18.16
- CVE-2023-2828: The overmem cleaning process has been improved,
to prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch
is aborted for exceeding the recursion quota, it was possible for
named to enter an infinite callback loop and crash due to stack
overflow. This has been fixed.
-- Ondřej Surý <email address hidden> Wed, 21 Jun 2023 20:48:44 +0200
| Deleted in experimental-release (Reason: None provided.) |
bind9 (1:9.19.14-1) experimental; urgency=medium * New upstream version 9.19.14 -- Ondřej Surý <email address hidden> Wed, 21 Jun 2023 21:00:01 +0200
| Superseded in sid-release |
bind9 (1:9.18.16-1) unstable; urgency=medium
* New upstream version 9.18.16
- CVE-2023-2828: The overmem cleaning process has been improved,
to prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch
is aborted for exceeding the recursion quota, it was possible for
named to enter an infinite callback loop and crash due to stack
overflow. This has been fixed.
-- Ondřej Surý <email address hidden> Wed, 21 Jun 2023 20:43:16 +0200
| Superseded in bullseye-release |
bind9 (1:9.16.37-1~deb11u1) bullseye-security; urgency=high
* New upstream version 9.16.37
- CVE-2022-3094: An UPDATE message flood could cause named
to exhaust all available memory.
- CVE-2022-3736: named could crash with an assertion failure
when an RRSIG query was received and stale-answer-client-timeout
was set to a non-zero value.
- CVE-2022-3924: named running as a resolver with the
stale-answer-client-timeout option set to any value greater
than 0 could crash with an assertion failure, when the
recursive-clients soft quota was reached.
-- Ondřej Surý <email address hidden> Wed, 25 Jan 2023 16:22:22 +0100
| Superseded in sid-release |
bind9 (1:9.18.13-1) unstable; urgency=medium * New upstream version 9.18.13 -- Ondřej Surý <email address hidden> Wed, 15 Mar 2023 18:11:29 +0100
| Superseded in experimental-release |
bind9 (1:9.19.11-1) experimental; urgency=medium
* New upstream version 9.19.11
* Update the d/bind9-dev.install, d/bind9.install and d/not-installed
after library squash
-- Ondřej Surý <email address hidden> Wed, 15 Mar 2023 18:27:20 +0100
| Superseded in experimental-release |
bind9 (1:9.19.10-1) experimental; urgency=medium * New upstream version 9.19.10 * Drop libtool-bin from B-D (Closes: #1022968) -- Ondřej Surý <email address hidden> Fri, 10 Feb 2023 15:16:29 +0100
bind9 (1:9.18.12-1) unstable; urgency=medium * New upstream version 9.18.12 * Drop libtool-bin from B-D (Closes: #1022968) -- Ondřej Surý <email address hidden> Fri, 10 Feb 2023 15:15:49 +0100
| Superseded in sid-release |
bind9 (1:9.18.11-2) unstable; urgency=medium * Allow the named to use systemd notify service -- Ondřej Surý <email address hidden> Thu, 26 Jan 2023 21:13:55 +0100
| Superseded in sid-release |
bind9 (1:9.18.11-1) unstable; urgency=medium * New upstream version 9.18.11 -- Ondřej Surý <email address hidden> Wed, 25 Jan 2023 15:51:35 +0100
| Superseded in sid-release |
bind9 (1:9.18.10-2) unstable; urgency=medium
* Backport upstream feature to use sd_notify()
* Use systemd notify for service readyness check (Closes: #994696)
* apparmor.d: Allow named to read all OpenSSL config files.
(Closes: #1025519)
* apparmor.d: Allow named to query for hugepages support.
(Closes: #1020315)
* Fix path to README.Debian (Closes: #1016646)
-- Bernhard Schmidt <email address hidden> Thu, 22 Dec 2022 17:12:17 +0100
| Superseded in sid-release |
bind9 (1:9.18.10-1) unstable; urgency=medium * New upstream version 9.18.10 -- Ondřej Surý <email address hidden> Wed, 21 Dec 2022 18:00:33 +0100
| Superseded in bullseye-release |
bind9 (1:9.16.33-1~deb11u1) bullseye-security; urgency=high
* New upstream version 9.16.33
- CVE-2022-2795: Processing large delegations may severely degrade
resolver performance
- CVE-2022-2881: Buffer overread in statistics channel code
- CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key
exchange via TKEY RRs (OpenSSL 3.0.0+ only)
- CVE-2022-3080: BIND 9 resolvers configured to answer from stale
cache with zero stale-answer-client-timeout may terminate unexpectedly
- CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code
- CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code
* Drop libldap2-dev from Build-Depends (Closes: #1008021)
* Add runtime dependency on libuv1 >= 1.40.0 (Closes: #1009889)
-- Ondřej Surý <email address hidden> Wed, 21 Sep 2022 12:40:02 +0200
| Superseded in experimental-release |
bind9 (1:9.19.6-2) experimental; urgency=medium * Use systemd notify for service readyness check (Closes: #994696) -- Bernhard Schmidt <email address hidden> Sun, 30 Oct 2022 00:14:05 +0200
| Superseded in sid-release |
bind9 (1:9.18.8-1) unstable; urgency=medium * New upstream version 9.18.8 -- Ondřej Surý <email address hidden> Wed, 19 Oct 2022 14:58:38 +0200
| Superseded in experimental-release |
bind9 (1:9.19.6-1) experimental; urgency=medium * New upstream version 9.19.6 -- Ondřej Surý <email address hidden> Wed, 19 Oct 2022 15:06:31 +0200
| Superseded in sid-release |
bind9 (1:9.18.7-1) unstable; urgency=medium
* New upstream version 9.18.7
- CVE-2022-2795: Processing large delegations may severely degrade
resolver performance
- CVE-2022-2881: Buffer overread in statistics channel code
- CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key
exchange via TKEY RRs (OpenSSL 3.0.0+ only)
- CVE-2022-3080: BIND 9 resolvers configured to answer from stale
cache with zero stale-answer-client-timeout may terminate unexpectedly
- CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code
- CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code
-- Ondřej Surý <email address hidden> Wed, 21 Sep 2022 12:48:36 +0200
| Superseded in sid-release |
bind9 (1:9.18.6-2) unstable; urgency=medium * No-change source-only upload -- Bernhard Schmidt <email address hidden> Mon, 05 Sep 2022 21:30:08 +0200
| Superseded in sid-release |
bind9 (1:9.18.6-1) unstable; urgency=medium * Disable treat-warnings-as-errors in sphinx-build * New upstream version 9.18.6 -- Ondřej Surý <email address hidden> Thu, 18 Aug 2022 09:39:20 +0200
| Superseded in sid-release |
bind9 (1:9.18.4-2) unstable; urgency=medium [ Simon Deziel ] * debian/extras/etc/db.0: correct descriptive comment [ Bernhard Schmidt ] * Add sleep workaround in tests/simpletests (Closes: #1012059) -- Ondřej Surý <email address hidden> Tue, 05 Jul 2022 12:58:06 +0200
| Superseded in sid-release |
bind9 (1:9.18.3-1) unstable; urgency=medium * New upstream version 9.18.3 -- Ondřej Surý <email address hidden> Wed, 18 May 2022 16:53:01 +0200
| Superseded in sid-release |
bind9 (1:9.18.2-1) unstable; urgency=medium * Drop libldap2-dev from Build-Depends (Closes: #1008021) * New upstream version 9.18.2 * Add runtime dependency on libuv1 >= 1.40.0 (Closes: #1009889) -- Ondřej Surý <email address hidden> Tue, 26 Apr 2022 11:03:35 +0200
| Published in buster-release |
bind9 (1:9.11.5.P4+dfsg-5.1+deb10u7) buster-security; urgency=high
* CVE-2021-25220: The rules for acceptance of records into the cache
have been tightened to prevent the possibility of poisoning if
forwarders send records outside the configured bailiwick.
-- Ondřej Surý <email address hidden> Mon, 14 Mar 2022 15:21:48 +0100
| Superseded in bullseye-release |
bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high
* New upstream version 9.16.27
* CVE-2022-0396: A synchronous call to closehandle_cb() caused
isc__nm_process_sock_buffer() to be called recursively, which in turn
left TCP connections hanging in the CLOSE_WAIT state blocking
indefinitely when out-of-order processing was disabled.
* CVE-2021-25220: The rules for acceptance of records into the cache
have been tightened to prevent the possibility of poisoning if
forwarders send records outside the configured bailiwick
* Remove patch to fix sphinx-build failure (fixed upstream)
-- Ondřej Surý <email address hidden> Mon, 14 Mar 2022 15:25:15 +0100
| Superseded in sid-release |
bind9 (1:9.18.1-1) unstable; urgency=high
* New upstream version 9.18.1
* CVE-2021-25220: The rules for acceptance of records into the cache
have been tightened to prevent the possibility of poisoning if
forwarders send records outside the configured bailiwick.
* CVE-2022-0396: TCP connections with 'keep-response-order' enabled
could leave the TCP sockets in the 'CLOSE_WAIT' state when the client
did not properly shut down the connection.
* CVE-2022-0635: Lookups involving a DNAME could trigger an assertion
failure when 'synth-from-dnssec' was enabled (which is the default)
* CVE-2022-0667: When chasing DS records, a timed out or artificially
delayed fetch could cause 'named' to crash while resuming a DS lookup.
-- Ondřej Surý <email address hidden> Mon, 14 Mar 2022 15:29:31 +0100
| Superseded in sid-release |
bind9 (1:9.18.0-2) unstable; urgency=medium
* Add patch to use detected L1 cache-line size instead of hard-coded
value, this should fix architectures with 128-byte L1 cache.
-- Ondřej Surý <email address hidden> Thu, 27 Jan 2022 13:16:04 +0100
| Superseded in sid-release |
bind9 (1:9.18.0-1) unstable; urgency=medium * Bump the upstream version in debian/ to 9.18 * New upstream version 9.18.0 -- Ondřej Surý <email address hidden> Wed, 26 Jan 2022 12:31:55 +0100
| Superseded in sid-release |
bind9 (1:9.18.0~0+git28350c-1) unstable; urgency=medium
* New upstream version 9.18.0~0+git28350c
+ Pull the 9.18.0 pre-release git to have the L1 cache line
fix (Closes: #1004271)
* Fix the typo when backing up and restoring configure{,.ac}
(Closes: #903586)
* Remove some prehistoring conffile no longer in use
(Closes: #942377)
* Pick UTC date for release_date variable (Closes: #1000893)
-- Ondřej Surý <email address hidden> Mon, 24 Jan 2022 16:00:49 +0100
| Superseded in sid-release |
bind9 (1:9.17.22-1) unstable; urgency=medium * New upstream version 9.17.22 -- Ondřej Surý <email address hidden> Wed, 19 Jan 2022 18:38:13 +0100
| Superseded in bullseye-release |
bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high
* New upstream version 9.16.22
+ CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
effectively disables the lame server cache, as it could previously be
abused by an attacker to significantly degrade resolver performance.
-- Ondřej Surý <email address hidden> Mon, 25 Oct 2021 13:29:14 +0200
| Superseded in sid-release |
bind9 (1:9.17.21-1) unstable; urgency=medium * New upstream version 9.17.21 -- Ondřej Surý <email address hidden> Wed, 15 Dec 2021 15:22:46 +0100
| Superseded in sid-release |
bind9 (1:9.17.20-3) unstable; urgency=medium * Retain bind9-resolvconf.service alias (Closes: #1000565) -- Ondřej Surý <email address hidden> Thu, 25 Nov 2021 10:10:50 +0100
| Superseded in sid-release |
bind9 (1:9.17.20-2) unstable; urgency=medium
* Tighten the dependencies on bind9-libs for the utils too
(Closes: #1000354)
-- Ondřej Surý <email address hidden> Mon, 22 Nov 2021 08:58:22 +0100
| Superseded in sid-release |
bind9 (1:9.17.19-3) unstable; urgency=medium * Remove the .so libraries from excluded files -- Ondřej Surý <email address hidden> Fri, 12 Nov 2021 14:24:13 +0100
| Superseded in sid-release |
bind9 (1:9.17.19-2) unstable; urgency=medium * Add libjemalloc-dev to Build-Depends * Sync the packaging between BIND 9.16 and BIND 9.17 branches * Don't install static libraries to bind9-dev, they are not built -- Ondřej Surý <email address hidden> Tue, 09 Nov 2021 10:42:43 +0100
| Superseded in sid-release |
bind9 (1:9.17.19-1) unstable; urgency=medium * New upstream version 9.17.19 -- Ondřej Surý <email address hidden> Mon, 25 Oct 2021 14:29:06 +0200
| Superseded in sid-release |
bind9 (1:9.16.21-1) unstable; urgency=medium * New upstream version 9.16.21 -- Ondřej Surý <email address hidden> Thu, 16 Sep 2021 09:54:17 +0200
| Superseded in buster-release |
bind9 (1:9.11.5.P4+dfsg-5.1+deb10u5) buster-security; urgency=high
* CVE-2021-25214: A malformed incoming IXFR transfer could trigger
an assertion failure in ``named``, causing it to quit abnormally.
* CVE-2021-25215: ``named`` crashed when a DNAME record placed in
the ANSWER section during DNAME chasing turned out to be the final
answer to a client query.
* CVE-2021-25216: Compile with system provided SPNEGO
* Ensure all resources are properly cleaned up when a call to
gss_accept_sec_context() fails.
-- Ondřej Surý <email address hidden> Thu, 29 Apr 2021 12:42:26 +0200
bind9 (1:9.16.15-1) unstable; urgency=high
* New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
+ CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
assertion failure in ``named``, causing it to quit abnormally.
+ CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
ANSWER section during DNAME chasing turned out to be the final
answer to a client query.
+ CVE-2021-25216: When a server's configuration set the
``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
specially crafted GSS-TSIG query could cause a buffer overflow in
the ISC implementation of SPNEGO (a protocol enabling negotiation of
the security mechanism used for GSSAPI authentication).
* Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance
-- Ondřej Surý <email address hidden> Thu, 29 Apr 2021 09:11:32 +0200
| Superseded in buster-release |
bind9 (1:9.11.5.P4+dfsg-5.1+deb10u3) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Buffer overflow in GSSAPI security policy negotiation (CVE-2020-8625) -- Salvatore Bonaccorso <email address hidden> Mon, 15 Feb 2021 08:51:28 +0100
| Superseded in sid-release |
bind9 (1:9.16.13-1) unstable; urgency=medium * New upstream version 9.16.13 * Add upstream patches to fix TCP timeouts firing too early -- Ondřej Surý <email address hidden> Thu, 18 Mar 2021 14:23:49 +0100
| Superseded in sid-release |
bind9 (1:9.16.12-3) unstable; urgency=medium * Add most important patches from upcoming 9.16.13 release -- Ondřej Surý <email address hidden> Fri, 12 Mar 2021 09:59:49 +0100
| Superseded in sid-release |
bind9 (1:9.16.12-1) unstable; urgency=high
* New upstream version 9.16.12
+ [CVE-2020-8625]: Fix off-by-one bug in ISC SPNEGO implementation.
(Closes: #983004)
* Adjust the bind9-libs and bind9-dev packages for new upstream library
names
-- Ondřej Surý <email address hidden> Thu, 18 Feb 2021 08:13:58 +0100
| Superseded in sid-release |
bind9 (1:9.16.11-3) unstable; urgency=medium
* Split the simple validation test to separate file and mark it as flaky
(Closes: #976045)
-- Ondřej Surý <email address hidden> Sun, 14 Feb 2021 20:04:39 +0100
| Superseded in sid-release |
bind9 (1:9.16.11-2) unstable; urgency=medium
* Cherry-pick upstream commit to fix segfault with named ACLs used in
allow-update (Closes: #980786)
-- Bernhard Schmidt <email address hidden> Fri, 29 Jan 2021 08:27:31 +0100
| Superseded in sid-release |
bind9 (1:9.16.11-1) unstable; urgency=medium * Add the ISC code-signing key for 2021-2022 * New upstream version 9.16.11 -- Ondřej Surý <email address hidden> Thu, 21 Jan 2021 09:58:33 +0100
| Superseded in sid-release |
bind9 (1:9.16.8-1) unstable; urgency=medium
[ Ondřej Surý ]
* New upstream version 9.16.8
[ Bernhard Schmidt ]
* d/t/control:
- tag autopkgtest with needs-internet (Closes: #973955)
- depend on bind9-dnsutils insead of the transitional dnsutils
* d/rules: change deprecated --with-libjson-c configure argument to
--with-json-c
-- Bernhard Schmidt <email address hidden> Mon, 09 Nov 2020 23:03:53 +0100
| Superseded in buster-release |
bind9 (1:9.11.5.P4+dfsg-5.1+deb10u2) buster-security; urgency=high
[ Salvatore Bonaccorso ]
* [CVE-2020-8622] Properly handle malformed truncated responses to TSIG
queries
* [CVE-2020-8623] Fix crash in pk11_numbits() with crafted packet when
native-pkcs11 is used
* Wait more than 1 second for NSEC3 chain changes
* [CVE-2020-8624] Fix processing of "update-policy" rules of type
"subdomain" (Closes: #966497)
[ Ondřej Surý ]
* [CVE-2020-8619]: It was possible to trigger a INSIST when a zone with
interior (non-leaf) wildcard label
-- Salvatore Bonaccorso <email address hidden> Tue, 25 Aug 2020 10:10:23 +0200
| Superseded in sid-release |
bind9 (1:9.16.6-3) unstable; urgency=medium [ Ondřej Surý ] * Add upstream patches to fix some rare conditions (Closes: #969448) [ Bernhard Schmidt ] * Set Restart=on-failure in systemd unit -- Bernhard Schmidt <email address hidden> Tue, 15 Sep 2020 00:26:14 +0200
| Superseded in sid-release |
bind9 (1:9.16.6-2) unstable; urgency=medium
* Move Build-Depends for documentation to Build-Depends-Indep, this
should fix the arch-any build on s390x where xindy is not available.
-- Bernhard Schmidt <email address hidden> Sat, 22 Aug 2020 20:06:00 +0200
| Superseded in sid-release |
bind9 (1:9.16.6-1) unstable; urgency=medium * New upstream version 9.16.6 -- Ondřej Surý <email address hidden> Thu, 20 Aug 2020 21:32:46 +0200
| Superseded in buster-release |
bind9 (1:9.11.5.P4+dfsg-5.1+deb10u1) buster-security; urgency=high
* [CVE-2019-6477]: TCP-pipelined queries can bypass tcp-clients limit.
(Closes: #945171)
* [CVE-2020-8616]: Fix NXNSATTACK amplification attack on BIND 9
* [CVE-2020-8617]: Fix assertion failure in TSIG processing code
-- Ondřej Surý <email address hidden> Mon, 18 May 2020 10:02:41 +0200
| Published in stretch-release |
bind9 (1:9.10.3.dfsg.P4-12.3+deb9u6) stretch-security; urgency=medium * [CVE-2020-8616]: Fix NXNSATTACK amplification attack on BIND 9 * [CVE-2020-8617]: Fix assertion failure in TSIG processing code -- Ondřej Surý <email address hidden> Thu, 14 May 2020 13:00:44 +0200
| Superseded in sid-release |
bind9 (1:9.16.4-1) unstable; urgency=medium * New upstream version 9.16.4 * Update Debian packaging for sphinx-doc documentation -- Ondřej Surý <email address hidden> Wed, 17 Jun 2020 09:27:29 +0200
| Superseded in sid-release |
bind9 (1:9.16.3-1) unstable; urgency=medium * New upstream version 9.16.3 -- Ondřej Surý <email address hidden> Tue, 19 May 2020 14:14:35 +0200
| Superseded in sid-release |
bind9 (1:9.16.2-3) unstable; urgency=medium [ Simon Deziel ] * apparmor: use profile name specifier -- Bernhard Schmidt <email address hidden> Thu, 23 Apr 2020 11:45:43 +0200
| Superseded in sid-release |
bind9 (1:9.16.2-2) unstable; urgency=medium * Update gbp.conf to debian/master and upstream/latest * Reintroduce the bind9-dev package (Closes: #954906) -- Ondřej Surý <email address hidden> Thu, 16 Apr 2020 12:14:44 +0200
| Superseded in sid-release |
bind9 (1:9.16.2-1) unstable; urgency=medium * Update d/copyright (Closes: #947978) * New upstream version 9.16.2 (Closes: #952946, #954919) -- Ondřej Surý <email address hidden> Thu, 16 Apr 2020 10:07:07 +0200
| Superseded in sid-release |
bind9 (1:9.16.1-2) unstable; urgency=medium
[ Andreas Hasenack ]
* Bring back the DEP8 test from sid
* Use iproute2 instead of net-tools
* d/control: drop hardcoded python3 dependency
[ Bernhard Schmidt ]
* Fix apparmor profile name.
Thanks to Andreas Hasenack
* Enable readline support
[ Andreas Hasenack ]
* Update apparmor profile with what is in sid
* Create the missing transitional packages for dnsutils, bind9utils
* There is a licensing conflict with adding libreadline and we should
use libedit-dev instead.
[ Ondřej Surý ]
* Add Breaks: freeipa, so the package doesn't migrate to testing before freeipa is fixed
-- Ondřej Surý <email address hidden> Sun, 22 Mar 2020 09:21:21 +0100
| Deleted in experimental-release (Reason: None provided.) |
bind9 (1:9.16.1-1) experimental; urgency=medium * New upstream version 9.16.1 -- Ondřej Surý <email address hidden> Fri, 20 Mar 2020 13:59:34 +0100
| Superseded in sid-release |
bind9 (1:9.11.16+dfsg-2) unstable; urgency=medium
* No-changes source-only upload to allow migration
Should also fix FTBFS on several platforms that was caused by #952115
in libxml2.
-- Bernhard Schmidt <email address hidden> Tue, 25 Feb 2020 22:12:13 +0100
| Superseded in sid-release |
bind9 (1:9.11.16+dfsg-1) unstable; urgency=medium * New upstream version 9.11.16+dfsg * Bump libisc SOVERSION to 1105 -- Ondřej Surý <email address hidden> Thu, 20 Feb 2020 10:44:11 +0100
| Superseded in experimental-release |
bind9 (1:9.16.0-1) experimental; urgency=medium * Change the branch to 9.16 * New upstream version 9.16.0 -- Ondřej Surý <email address hidden> Thu, 20 Feb 2020 10:54:34 +0100
| Superseded in sid-release |
bind9 (1:9.11.14+dfsg-3) unstable; urgency=medium * cherry-pick upstream patch to fix FTBFS on armel -- Bernhard Schmidt <email address hidden> Thu, 16 Jan 2020 16:58:50 +0100
| Superseded in sid-release |
bind9 (1:9.11.14+dfsg-2) unstable; urgency=medium [ Bernhard Schmidt ] * Unmark bind9-host as deprecated (Closes: #948139) [ Andreas Hasenack ] * d/control: drop hardcoded python3 dependency * Use iproute2 instead of net-tools -- Bernhard Schmidt <email address hidden> Thu, 16 Jan 2020 14:23:27 +0100
| Superseded in sid-release |
bind9 (1:9.11.14+dfsg-1) unstable; urgency=medium * New upstream version 9.11.14+dfsg * Make lib/dns/gen.c independent of isc/platform.h header -- Ondřej Surý <email address hidden> Thu, 19 Dec 2019 09:40:34 +0100
| Superseded in experimental-release |
bind9 (1:9.15.7-1) experimental; urgency=medium * Add libuv1-dev, libcmocka-dev, libedit-dev and zlib1g-dev to B-D * Update d/watch to use tar.xz * New upstream version 9.15.7 -- Ondřej Surý <email address hidden> Thu, 19 Dec 2019 09:40:52 +0100
| Superseded in experimental-release |
bind9 (1:9.11.8+dfsg-1) experimental; urgency=medium
* New upstream version 9.11.8+dfsg
* Rebase patches for BIND 9.11.8
* AppArmor: Allow /var/tmp/krb5_* (owner-only) for Samba AD DLZ.
Thanks to Steven Monai (Closes: 928398)
* Enable readline support in dnsutils (nslookup and nsupdate)
-- Bernhard Schmidt <email address hidden> Sun, 07 Jul 2019 21:38:14 +0200
| Superseded in experimental-release |
bind9 (1:9.11.6+dfsg-1) experimental; urgency=medium [ Ondřej Surý ] * New upstream version 9.11.6+dfsg (Closes: #923984) * Update d/gbp.conf for DEP-14 * Fix the checkapi script * Bump libdns SOVERSION from 1104 to 1105 * Update libdns1105 symbols [ Bernhard Schmidt] * Add missing pkg-config build-dep -- Bernhard Schmidt <email address hidden> Wed, 20 Mar 2019 11:55:34 +0100
| Superseded in stretch-release |
bind9 (1:9.10.3.dfsg.P4-12.3+deb9u5) stretch-security; urgency=high
[ Marc Deslauriers (Ubuntu) ]
* CVE-2018-5743: limiting simultaneous TCP clients is ineffective.
Thanks to Marc Deslauriers of Ubuntu (Closes: #927932)
[ Ondřej Surý ]
* Sync Maintainer and Uploaders with unstable
* [CVE-2019-6465]: Zone transfer for DLZs are executed though not
permitted by ACLs. (Closes: #922955)
* [CVE-2018-5745]: Avoid assertion and thus causing named to
deliberately exit when a trust anchor's key is replaced with a key
which uses an unsupported algorithm. (Closes: #922954)
-- Bernhard Schmidt <email address hidden> Fri, 03 May 2019 22:34:35 +0200
| 1 → 75 of 234 results | First • Previous • Next • Last |
