bind9 1:9.16.3-1ubuntu1 source package in Ubuntu

Changelog

bind9 (1:9.16.3-1ubuntu1) groovy; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - Don't build dnstap as it depends on universe packages:
      + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
        protobuf-c-compiler (universe packages)
      + d/dnsutils.install: don't install dnstap
      + d/libdns1104.symbols: don't include dnstap symbols
      + d/rules: don't build dnstap nor install dnstap.proto
    - Add back apport:
      + d/bind9.apport: add back old bind9 apport hook, but without calling
        attach_conffiles() since that is already done by apport itself, with
        confirmation from the user.
      + d/control, d/rules: buil-depends on dh-apport and use it
    - d/t/simpletest: drop the internetsociety.org test as it requires
      network egress access that is not available in the Ubuntu autopkgtest
      farm.
    - d/NEWS: mention some of the bigger changes in 9.16.0 packaging
    - d/t/control: change the dep8 test dependency to be on the real
      bind9-dnsutils package, and not the transitional one (LP #1864761)
    - d/rules: change deprecated --with-libjson-c configure argument to
      --with-json-c
  * Dropped:
    - d/control: make bind9-dnsutils multi-arch foreign as another step
      towards fixing LP #1864761
      [The correct fix was to change the dep8 dependency to be on the real
      package, and not the transitional one]
    - SECURITY UPDATE: BIND does not sufficiently limit the number of fetches
      performed when processing referrals
      + debian/patches/CVE-2020-8616.patch: further limit the number of
        queries that can be triggered from a request in lib/dns/adb.c,
        lib/dns/include/dns/adb.h, lib/dns/resolver.c.
      + CVE-2020-8616
      [Fixed upstream]
    - SECURITY UPDATE: A logic error in code which checks TSIG validity can
      be used to trigger an assertion failure in tsig.c
      + debian/patches/CVE-2020-8617.patch: don't allow replaying a TSIG
        BADTIME response in lib/dns/tsig.c.
      + CVE-2020-8617
      [Fixed upstream]

bind9 (1:9.16.3-1) unstable; urgency=medium

  * New upstream version 9.16.3

 -- Andreas Hasenack <email address hidden>  Tue, 02 Jun 2020 17:37:44 -0300

Upload details

Uploaded by:
Andreas Hasenack
Uploaded to:
Groovy
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
bind9_9.16.3.orig.tar.xz 4.4 MiB 27ac6513de5f8d0db34b9f241da53baa15a14b2ad21338d0cde0826eaf564f7e
bind9_9.16.3-1ubuntu1.debian.tar.xz 66.2 KiB 5cadc2bca9c499c5cb2f56a4af19675014dee1f44ee78affd140699a1cc49885
bind9_9.16.3-1ubuntu1.dsc 2.7 KiB 1a01a6d15135127b28fcdbbc48f66b4df3d02cabf962c6c558683f6a1f691fd2

View changes file

Binary packages built by this source

bind9: Internet Domain Name Server

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package provides the server and related configuration files.

bind9-dbgsym: debug symbols for bind9
bind9-dev: Static Libraries and Headers used by BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package contains a bundle of static libraries and header files used by
 BIND 9.
 .
 Please be aware that the BIND 9 libraries are considered private by upstream
 developers and the API and ABI might break at any time.

bind9-dnsutils: Clients provided with BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package delivers various client programs related to DNS that are
 derived from the BIND 9 source tree.
 .
  - dig - query the DNS in various ways
  - nslookup - the older way to do it
  - nsupdate - perform dynamic updates (See RFC2136)

bind9-dnsutils-dbgsym: debug symbols for bind9-dnsutils
bind9-doc: Documentation for BIND 9

 This package provides various documents that are useful for maintaining a
 working BIND 9 installation.

bind9-host: DNS Lookup Utility

 This package provides the 'host' DNS lookup utility in the form that
 is bundled with the BIND 9 sources.

bind9-host-dbgsym: debug symbols for bind9-host
bind9-libs: Shared Libraries used by BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package contains a bundle of shared libraries used by BIND 9.

bind9-libs-dbgsym: debug symbols for bind9-libs
bind9-utils: Utilities for BIND 9

 This package provides various utilities that are useful for maintaining a
 working BIND 9 installation.

bind9-utils-dbgsym: debug symbols for bind9-utils
bind9utils: Transitional package for bind9-utils

 This is a transitional package. It can safely be removed.

dnsutils: Transitional package for bind9-dnsutils

 This is a transitional package. It can safely be removed.