Ubuntu
bind9 package

bind9 1:9.18.24-0ubuntu0.22.04.1 source package in Ubuntu

Changelog

bind9 (1:9.18.24-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream version 9.18.24 (LP: #2040459)
    - Updates:
      + Mark use of AES as the DNS COOKIE algorithm as depricated.
      + Mark resolver-nonbackoff-tries and resolver-retry-interval statements
        as depricated.
      + Update IP addresses for B.ROOT-SERVERS.NET to 170.247.170.2 and
        2801:1b8:10::b.
      + Mark dnssec-must-be-secure option as deprecated.
      + Honor nsupdate -v option for SOA queries by sending both the UPDATE
        request and the initial query over TCP.
      + Reduce memory consumption through dedicated jemalloc memory arenas.
    - Bug fixes:
      + Fix accidental truncation to 32 bit of statistics channel counters.
      + Do not schedule unsigned versions of inline-signed zones containing
        DNSSEC records for resigning.
      + Take local authoritive data into account when looking up stale data
        from the cache.
      + Fix assertion failure when lock-file used at the same time as named -X.
      + Fix lockfile removal issue when starting named 3+ times.
      + Fix validation of If-Modified-Since header in statistics channel for
        its length.
      + Add Content-Length header bounds check to avoid integer overflow.
      + Fix memory leaks from OpenSSL error stack.
      + Fix SERVFAIL responses after introduction of krb5-subdomain-self-rhs
        and ms-subdomain-self-rhs UPDATE policies.
      + Fix accidental disable of stale-refresh-time feature on rndc flush.
      + Fix possible DNS message corruption from partial writes in TLS DNS.
    - See https://bind9.readthedocs.io/en/v9.18.24/notes.html for additional
      information.
  * Remove CVE patches fixed upstream:
    - CVE-2023-3341.patch
    - CVE-2023-4236.patch
    [ Fixed in 9.18.19 ]
    - 0001-CVE-2023-4408.patch
    - 0002-CVE-2023-5517.patch
    - 0003-CVE-2023-5679.patch
    - 0004-CVE-2023-50387-CVE-2023-50868.patch
    [ Fixed in 9.18.24 ]
  * d/p/always-use-standard-library-stdatomic.patch: Maintain use of the
    standard library stdatomic.h.

 -- Lena Voytek <email address hidden>  Thu, 11 Apr 2024 14:11:18 -0700

Upload details

Uploaded by:
Lena Voytek
Uploaded to:
Jammy
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Jammy proposed main net

Downloads

File Size SHA-256 Checksum
bind9_9.18.24.orig.tar.xz 5.3 MiB 709d73023c9115ddad3bab65b6c8c79a590196d0d114f5d0ca2533dbd52ddf66
bind9_9.18.24.orig.tar.xz.asc 833 bytes d69191fd021bd68280077f03f586942cf2027ae7683be08aeb244bc58530e625
bind9_9.18.24-0ubuntu0.22.04.1.debian.tar.xz 90.4 KiB e4cae64dc29bd05fe50b187017b73f5a53b56ef20c126f9272e96686d8c67210
bind9_9.18.24-0ubuntu0.22.04.1.dsc 3.3 KiB a4b4c9dde8a3e087e10cd5a1a0af63e8232edd4ebdfb01200d8571c45515b9ee

View changes file

Binary packages built by this source

bind9: Internet Domain Name Server

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package provides the server and related configuration files.

bind9-dbgsym: debug symbols for bind9
bind9-dev: Static Libraries and Headers used by BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package contains a bundle of static libraries and header files used by
 BIND 9.
 .
 Please be aware that the BIND 9 libraries are considered private by upstream
 developers and the API and ABI might break at any time.

bind9-dnsutils: Clients provided with BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package delivers various client programs related to DNS that are
 derived from the BIND 9 source tree.
 .
  - dig - query the DNS in various ways
  - nslookup - the older way to do it
  - nsupdate - perform dynamic updates (See RFC2136)

bind9-dnsutils-dbgsym: debug symbols for bind9-dnsutils
bind9-doc: Documentation for BIND 9

 This package provides various documents that are useful for maintaining a
 working BIND 9 installation.

bind9-host: DNS Lookup Utility

 This package provides the 'host' DNS lookup utility in the form that
 is bundled with the BIND 9 sources.

bind9-host-dbgsym: debug symbols for bind9-host
bind9-libs: Shared Libraries used by BIND 9

 The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
 name server. BIND 9 is the most widely-used name server software on the
 Internet, and is supported by the Internet Software Consortium, www.isc.org.
 .
 This package contains a bundle of shared libraries used by BIND 9.

bind9-libs-dbgsym: debug symbols for bind9-libs
bind9-utils: Utilities for BIND 9

 This package provides various utilities that are useful for maintaining a
 working BIND 9 installation.

bind9-utils-dbgsym: debug symbols for bind9-utils
bind9utils: Transitional package for bind9-utils

 This is a transitional package. It can safely be removed.

dnsutils: Transitional package for bind9-dnsutils

 This is a transitional package. It can safely be removed.