Format: 1.8
Date: Fri, 22 May 2020 09:52:13 -0300
Source: bind9
Binary: bind9 bind9-dev bind9-dnsutils bind9-host bind9-libs bind9-utils
Architecture: arm64 arm64_translations
Version: 1:9.16.2-3ubuntu1
Distribution: groovy-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-001.buildd>
Changed-By: Andreas Hasenack <andreas@canonical.com>
Description:
 bind9      - Internet Domain Name Server
 bind9-dev  - Static Libraries and Headers used by BIND 9
 bind9-dnsutils - Clients provided with BIND 9
 bind9-host - DNS Lookup Utility
 bind9-libs - Shared Libraries used by BIND 9
 bind9-utils - Utilities for BIND 9
Closes: 928398
Changes:
 bind9 (1:9.16.2-3ubuntu1) groovy; urgency=medium
 .
   * Merge with Debian unstable. Remaining changes:
     - Don't build dnstap as it depends on universe packages:
       + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
         protobuf-c-compiler (universe packages)
       + d/dnsutils.install: don't install dnstap
       + d/libdns1104.symbols: don't include dnstap symbols
       + d/rules: don't build dnstap nor install dnstap.proto
     - Add back apport:
       + d/bind9.apport: add back old bind9 apport hook, but without calling
         attach_conffiles() since that is already done by apport itself, with
         confirmation from the user.
       + d/control, d/rules: buil-depends on dh-apport and use it
     - d/t/simpletest: drop the internetsociety.org test as it requires
       network egress access that is not available in the Ubuntu autopkgtest
       farm.
     - d/NEWS: mention some of the bigger changes in 9.16.0 packaging
     - d/t/control: change the dep8 test dependency to be on the real
       bind9-dnsutils package, and not the transitional one (LP #1864761)
     - d/control: make bind9-dnsutils multi-arch foreign as another step
       towards fixing LP #1864761
     - d/rules: change deprecated --with-libjson-c configure argument to
       --with-json-c
     - SECURITY UPDATE: BIND does not sufficiently limit the number of fetches
       performed when processing referrals
       + debian/patches/CVE-2020-8616.patch: further limit the number of
         queries that can be triggered from a request in lib/dns/adb.c,
         lib/dns/include/dns/adb.h, lib/dns/resolver.c.
       + CVE-2020-8616
     - SECURITY UPDATE: A logic error in code which checks TSIG validity can
       be used to trigger an assertion failure in tsig.c
       + debian/patches/CVE-2020-8617.patch: don't allow replaying a TSIG
         BADTIME response in lib/dns/tsig.c.
       + CVE-2020-8617
   * Dropped:
     - use iproute2 instead of net-tools (LP #1850699):
       + d/control: replace net-tools depends with iproute2
       + d/bind9.init: use ip instead of ifconfig
       [In 1:9.16.1-2]
     - d/control: Enable readline-like support in dnsutils (nslookup and nsupdate)
       via libedit-dev (libreadline has a license conflict with bind)
       [In 1:9.16.1-2]
     - d/control: drop hardcoded python3 dependency
       (LP #1856211, Closes #946643)
       [In 1:9.16.1-2]
     - d/extras/apparmor.d/usr.sbin.named:
       + Add flags=(attach_disconnected) to AppArmor profile
       + AppArmor: Allow /var/tmp/krb5_* (owner-only) for Samba AD DLZ
         (Closes: #928398)
       [In 1:9.16.1-2]
     - d/rules: fix typo in the apparmor profile installation
       [In 1:9.16.1-2]
     - d/control: create transitional packages for dnsutils, bind9utils
       [In 1:9.16.1-2]
     - d/p/fix-rebinding-protection.patch: fix rebinding protection bug
       when using forwarder setups (LP #1873046)
       [Fixed upstream]
Checksums-Sha1:
 420b773cde0a3eded3a19fd29eaad874445d00d2 535480 bind9-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 3be4aa1bce88126f1a8de9f9f8ebc3b0d0c2492d 1461484 bind9-dev_9.16.2-3ubuntu1_arm64.deb
 1015c92325aa47e8b5b8437b18d8ba7f093bea9b 293920 bind9-dnsutils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 917a02974740386ef0f6ef89d7ddd4183846dff8 130580 bind9-dnsutils_9.16.2-3ubuntu1_arm64.deb
 2ad24b150be335dd95fba9eaf08f5a7691b819bc 82344 bind9-host-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 91403755a0388aa23d554bc96a2c8f0803624a58 42548 bind9-host_9.16.2-3ubuntu1_arm64.deb
 b0d58208bbafdade18597f9c3c70a2c62455e940 3427256 bind9-libs-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 82f29ef8e7fd1699e178df3fd55d3e54881331d6 1006004 bind9-libs_9.16.2-3ubuntu1_arm64.deb
 5d136c823f997c60c3154c5d87dea11eef155d46 293876 bind9-utils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 a008aaa53df2b7e49ca49a46c1427d4d03c1e64d 167768 bind9-utils_9.16.2-3ubuntu1_arm64.deb
 1112256c97513fbc9383091c80c27f0ae01e4c0f 10833 bind9_9.16.2-3ubuntu1_arm64.buildinfo
 cee33825e0a578297eba598a6164171b0f672f2e 215512 bind9_9.16.2-3ubuntu1_arm64.deb
 5c4f768674fbdc5091504bcab067fccca915a94d 12981 bind9_9.16.2-3ubuntu1_arm64_translations.tar.gz
Checksums-Sha256:
 1921521d022d670264dccbc729e7b7e0e0af525819b49c6e0d2fa39787b49fc3 535480 bind9-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 6e1c5e45899c5d0ffdb4999ed932a642af164fb165222af4bec67438214b8698 1461484 bind9-dev_9.16.2-3ubuntu1_arm64.deb
 cdf8f0be5ed21134f12040152e17216f8dd9a421abfe3d403b60417f197eef68 293920 bind9-dnsutils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 c2dd1026fb42faa9702d3be9997aac3c8c374e88a8dc00001f0f3c8a0cc2c3bb 130580 bind9-dnsutils_9.16.2-3ubuntu1_arm64.deb
 a0d2ed0147962b3cc1d2a4545264719dd2b6e0ef15ac62bdf8f7c0c54c2cae95 82344 bind9-host-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 9fdd123bc012b3b5c7b0ad6f37cd5c20abc648ee597d9a82111c3188e46e93cb 42548 bind9-host_9.16.2-3ubuntu1_arm64.deb
 56b775873e9305d3423d9c65b3896e34a94840c85a4236de5a189fd184cd2efd 3427256 bind9-libs-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 3f2e6734a53ac2c528dfa0110c5e5dc54877096fbd136335481741afbb842336 1006004 bind9-libs_9.16.2-3ubuntu1_arm64.deb
 6541d9519a7bad86c60f954343426e175e423e11761e090a773bb85447ed9e92 293876 bind9-utils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 ce8f3a9e761d4622d539337c75720e9c61c20958546b20394813c45ed738648c 167768 bind9-utils_9.16.2-3ubuntu1_arm64.deb
 f0297817941970701c0e18ce9cb7865ace9af2585dc8f225504fe8b067192f0a 10833 bind9_9.16.2-3ubuntu1_arm64.buildinfo
 01dc1c692a690d17587e52461f558418dfbf07286be12cdbffc13de4c32d408c 215512 bind9_9.16.2-3ubuntu1_arm64.deb
 2e0dad2561e86195f15990d5eadd5b558e5733562eaf86a67386419b328d894d 12981 bind9_9.16.2-3ubuntu1_arm64_translations.tar.gz
Files:
 1ddd9d45347b0895d60b4ffb0cb92d9d 535480 debug optional bind9-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 2085f48e2986f11861520f2c7d1a25e9 1461484 devel optional bind9-dev_9.16.2-3ubuntu1_arm64.deb
 18a9e4922470b93875931e4fd6daf386 293920 debug optional bind9-dnsutils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 c047100a3b5eba24c13f36337510d152 130580 net standard bind9-dnsutils_9.16.2-3ubuntu1_arm64.deb
 90afe11ca66c33dc2503a53fc6d61854 82344 debug optional bind9-host-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 da8b9cbf7fb9c19283bd112b428435d2 42548 net standard bind9-host_9.16.2-3ubuntu1_arm64.deb
 fec96543743a034c453fb81a6707baa0 3427256 debug optional bind9-libs-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 b6ee696b2c3f04f5d78c30cb7c68ac39 1006004 libs standard bind9-libs_9.16.2-3ubuntu1_arm64.deb
 ff483d1beadde82a4cf119f38aff6c6b 293876 debug optional bind9-utils-dbgsym_9.16.2-3ubuntu1_arm64.ddeb
 5998d705ebc964d5b109f1ae89656b40 167768 net optional bind9-utils_9.16.2-3ubuntu1_arm64.deb
 61a721e26d9df2e46be9e7efd55d5565 10833 net optional bind9_9.16.2-3ubuntu1_arm64.buildinfo
 7a4af760b1cf1a54df814eba5e712d56 215512 net optional bind9_9.16.2-3ubuntu1_arm64.deb
 ff50c663f986171f26066c1020264023 12981 raw-translations - bind9_9.16.2-3ubuntu1_arm64_translations.tar.gz
Original-Maintainer: Debian DNS Team <team+dns@tracker.debian.org>