Changelog
bind9 (1:9.10.4-P5-1) experimental; urgency=medium
* New upstream: 9.10.4-P5
- Fixes CVE-2016-2775: crash in lwresd due to a long query name
(closes: #831796).
- Fixes CVE-2016-2776: maliciously crafted query can cause named to crash
(closes: #839010).
- Fixes CVE-2016-6170: improper zone size limits (closes: #830810).
- Fixes CVE-2016-8864: incorrect handling of a DNAME record can cause
named to crash (closes: #842858).
- Fixes CVE-2016-9131: maliciously crafted response to an ANY query can
cause named to crash (closes: #851065).
- Fixes CVE-2016-9147: query with contradictory DNSSEC information can
cause named to crash (closes: #851063).
- Fixes CVE-2016-9444: maliciously formed DNSSEC Delegation Signer (DS)
record can cause named to crash (closes: #851062).
* Openssl 1.1 is not yet supported, so build with openssl 1.0 for now
(closes: #828082).
* Update debian/copyright to format 1.0.
* Add upstream signing key.
-- Michael Gilbert <email address hidden> Sun, 15 Jan 2017 06:04:12 +0000