-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.32) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: off-by-one bug in ISC SPNEGO implementation
- properly calculate length in lib/dns/spnego.c.
- CVE-2020-8625
-- Avital Ostromich <email address hidden> Tue, 23 Feb 2021 18:56:07 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.22) precise-security; urgency=medium
* SECURITY UPDATE: Denial of Service due to an error handling
synthesized records when using DNS64 with "break-dnssec yes;"
- bin/named/query.c: reset noqname if query_dns64() called.
- CVE-2017-3136
* SECURITY UPDATE: Denial of Service due to resolver terminating when
processing a response packet containing a CNAME or DNAME
- lib/dns/resolver.c: don't expect a specific
ordering of answer components
- lib/dns/name.c: remove part of assertion that triggers in
dns_name_split() (partial cherrypick of upstream
dc3912f3caac1104fef441fd18571b7a975708ea
- bin/tests/system/dname/ns2/example.db,
bin/tests/system/dname/tests.sh: add testcases.
- CVE-2017-3137
* SECURITY UPDATE: Denial of Service when receiving a null command on
the control channel
- lib/isc/lex.c, lib/isc/include/isc/lex.h: don't throw an assert if no
command token is given
- CVE-2017-3138
-- Steve Beattie <email address hidden> Thu, 13 Apr 2017 00:02:24 -0700
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.21) precise-security; urgency=medium
* SECURITY UPDATE: Combining dns64 and rpz can result in dereferencing
a NULL pointer
- bin/named/query.c, lib/dns/message.c, lib/dns/rdataset.c: properly
handle dns64 and rpz combination.
- CVE-2017-3135
* SECURITY UPDATE: regression in CVE-2016-8864
- lib/dns/resolver.c: synthesised CNAME before matching DNAME was still
being cached when it should have been,
- bin/tests/system/dname/ans3/ans.pl,
bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh:
added tests.
- No CVE number
-- Marc Deslauriers <email address hidden> Wed, 15 Feb 2017 10:36:42 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.20) precise-security; urgency=medium
* SECURITY UPDATE: assertion failure via class mismatch
- lib/dns/resolver.c: properly handle certain TKEY records.
- CVE-2016-9131
* SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
- lib/dns/resolver.c: fix logic when records are returned without the
requested data.
- CVE-2016-9147
* SECURITY UPDATE: regression in CVE-2016-8864
- lib/dns/resolver.c: properly handle CNAME -> DNAME in responses,
added tests to bin/tests/system/dname/ns2/example.db,
bin/tests/system/dname/tests.sh.
- No CVE number
-- Marc Deslauriers <email address hidden> Mon, 09 Jan 2017 10:47:06 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.19) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via responses containing a DNAME
answer
- lib/dns/resolver.c: remove assertion failure.
- patch backported from 9.9.9-P4.
- CVE-2016-8864
-- Marc Deslauriers <email address hidden> Mon, 31 Oct 2016 09:00:00 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.18) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via malformed options
- Backported upstream commit 4adf97c32fcca7d00e5756607fd045f2aab9c3d4.
- CVE-2016-2848
-- Marc Deslauriers <email address hidden> Mon, 17 Oct 2016 14:39:54 +0200
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.17) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via assertion failure
- lib/dns/message.c: properly handle lengths.
- backported from patch provided by upstream.
- CVE-2016-2776
-- Marc Deslauriers <email address hidden> Mon, 26 Sep 2016 14:42:15 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.16) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via rndc control channel input
parsing error
- properly check data in bin/named/control.c, bin/named/controlconf.c,
bin/rndc/rndc.c, lib/isccc/cc.c.
- CVE-2016-1285
* SECURITY UPDATE: denial of service via resource record signatures
parsing issue
- fix improper DNAME handling in lib/dns/resolver.c.
- CVE-2016-1286
-- Marc Deslauriers <email address hidden> Tue, 08 Mar 2016 08:35:01 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.15) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via string formatting operations
- lib/dns/rdata/in_1/apl_42.c: use correct length.
- CVE-2015-8704
-- Marc Deslauriers <email address hidden> Mon, 18 Jan 2016 07:56:11 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.14) precise-security; urgency=medium
* SECURITY UPDATE: REQUIRE failure via incorrect class
- properly handle class in lib/dns/include/dns/message.h,
lib/dns/message.c, lib/dns/resolver.c, lib/dns/xfrin.c.
- CVE-2015-8000
-- Marc Deslauriers <email address hidden> Mon, 14 Dec 2015 13:48:33 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.13) precise-security; urgency=medium
* SECURITY UPDATE: denial of service in DNSSEC-signed record validation
via malformed keys
- fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
lib/dns/ncache.c, lib/dns/openssldh_link.c,
lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
lib/dns/resolver.c.
- CVE-2015-5722
-- Marc Deslauriers <email address hidden> Tue, 01 Sep 2015 14:07:19 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.12) precise-security; urgency=medium
* SECURITY UPDATE: denial of service in TKEY record query handling
- lib/dns/tkey.c: clear out name before trying the answer section.
- CVE-2015-5477
* SECURITY UPDATE: denial of service via AAAA record query
- bin/named/query.c: arrange for RPZ rewriting of any A records.
- CVE-2012-5689
-- Marc Deslauriers <email address hidden> Mon, 27 Jul 2015 11:42:05 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.11) precise-security; urgency=medium
* SECURITY UPDATE: resolver DoS via specially crafted zone data
- lib/dns/validator.c: don't use uninitialized fixedname.
- CVE-2015-4620
-- Marc Deslauriers <email address hidden> Mon, 29 Jun 2015 15:02:08 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.10) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via revoking a managed trust anchor
and supplying an untrusted replacement
- lib/dns/zone.c: avoid crash due to managed-key rollover
- Based on patch supplied by Evan Hunt <email address hidden>
- CVE-2015-1349
-- Marc Deslauriers <email address hidden> Wed, 18 Feb 2015 07:41:24 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.9) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via delegation handling defect
- limit max recursion in bin/named/config.c, bin/named/query.c,
bin/named/server.c, lib/dns/adb.c, lib/dns/include/dns/adb.h,
lib/dns/include/dns/resolver.h, lib/dns/resolver.c,
lib/export/isc/Makefile.in, lib/isc/Makefile.in, lib/isc/counter.c,
lib/isc/include/isc/counter.h, lib/isc/include/isc/Makefile.in,
lib/isc/include/isc/types.h, lib/isc/tests/counter_test.c,
lib/isccfg/namedconf.c.
- Patch provided by upstream.
- CVE-2014-8500
-- Marc Deslauriers <email address hidden> Tue, 09 Dec 2014 09:20:13 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.8) precise-security; urgency=low
* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
queries
- debian/patches/CVE-2014-0591.patch: don't call memcpy with
overlapping ranges in bin/named/query.c.
- patch backported from 9.8.6-P2.
- CVE-2014-0591
-- Marc Deslauriers <email address hidden> Fri, 10 Jan 2014 09:44:31 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.7) precise-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect bounds checking on
private type 'keydata'
- lib/dns/rdata/generic/keydata_65533.c: check for correct length.
- Patch backported from 9.8.5-P2
- CVE-2013-4854
-- Marc Deslauriers <email address hidden> Fri, 26 Jul 2013 22:56:08 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.6) precise-security; urgency=low
* SECURITY UPDATE: denial of service via regex syntax checking
- configure,configure.in,config.h.in: remove check for regex.h to
disable regex syntax checking.
- CVE-2013-2266
-- Marc Deslauriers <email address hidden> Thu, 28 Mar 2013 15:31:46 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.5) precise-security; urgency=low
* SECURITY UPDATE: denial of service via DNS64 and crafted query
- bin/named/query.c: init rdataset before cleanup.
- Patch backported from 9.8.4-P1
- CVE-2012-5688
-- Marc Deslauriers <email address hidden> Wed, 05 Dec 2012 15:48:39 -0500
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.4) precise-security; urgency=low
* SECURITY UPDATE: denial of service via specific combinations of RDATA
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166
-- Marc Deslauriers <email address hidden> Fri, 05 Oct 2012 10:54:15 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.3) precise-security; urgency=low
* SECURITY UPDATE: denial of service via large crafted resource record
- check length in lib/dns/include/dns/rdata.h,
lib/dns/{master,rdata,rdataslab}.c. Added tests to
lib/dns/tests/Makefile.in, lib/dns/tests/{master,rdata}_test.c,
lib/dns/tests/testdata/master/master1{5,6}.data.
- Patch backported from 9.8.3-P3
- CVE-2012-4244
-- Marc Deslauriers <email address hidden> Wed, 12 Sep 2012 16:12:28 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.2) precise-security; urgency=low
* SECURITY UPDATE: denial of service via dnssec validation load
- lib/dns/resolver.c: don't use bad->expire before it has been set.
- Patch backported from 9.8.3-P2.
- CVE-2012-3817
-- Marc Deslauriers <email address hidden> Wed, 25 Jul 2012 16:21:36 -0400
-
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.1) precise-security; urgency=low
* SECURITY UPDATE: ghost domain names attack
- lib/dns/rbtdb.c: Restrict the TTL of NS RRset to no more than that
of the old NS RRset when replacing it.
- Patch backported from 9.8.2.
- CVE-2012-1033
* SECURITY UPDATE: denial of service via zero length rdata handling
- lib/dns/rdata.c,lib/dns/rdataslab.c: use sentinel pointer for
duplicate rdata.
- Patch backported from 9.8.3-P1.
- CVE-2012-1667
-- Marc Deslauriers <email address hidden> Mon, 04 Jun 2012 13:12:43 -0400
-
bind9 (1:9.8.1.dfsg.P1-4) unstable; urgency=low
[Christoph Egger]
* define _GNU_SOURCE on kfreebsd et al. Closes: #658201
[LaMont Jones]
* chmod typo in postinst. LP: #980798
* Correctly order debhelper bits in postrm. Closes: #661040
-- LaMont Jones <email address hidden> Fri, 13 Apr 2012 12:09:24 -0600
-
bind9 (1:9.8.1.dfsg.P1-3) unstable; urgency=low
[Zlatan Todoric]
* fixed Serbian latin translation of debconf template. Closes: #634951
[Peter Eisentraut]
* Add support for "status" action to lwresd init script. Closes: #651540
[Bjørn Steensrud]
* NB Translations. Closes: #654454
[LaMont Jones]
* Default to run_resolvconf=false. LP: #933723
* Deliver named.conf.options on fresh install. Closes: #657042 LP: #920202
* Do not deliver /usr/share/bind9/bind9-default.md5sum in the bind9 deb.
Closes: #620007 LP: #681536
* Deliver and use /etc/apparmor.d/local/usr.sbin.named for local overrides.
LP: #929563
-- LaMont Jones <email address hidden> Fri, 17 Feb 2012 14:40:29 -0800
-
bind9 (1:9.8.1.dfsg.P1-2) unstable; urgency=low
* Deliver named.conf.options on fresh install. Closes: #657042 LP: #920202
-- LaMont Jones <email address hidden> Wed, 25 Jan 2012 03:55:21 -0700
-
bind9 (1:9.8.1.dfsg.P1-1) unstable; urgency=low
[Internet Software Consortium, Inc]
* 9.8.1-P1
- Cache lookup could return RRSIG data associated with nonexistent
records, leading to an assertion failure.
[LaMont Jones]
* add a readme entry for DNSSEC-by-default
* Failed to install due to chgrp on non-existant directory. Closes: #647598
* ack NMU: l10n issues
-- LaMont Jones <email address hidden> Wed, 18 Jan 2012 10:44:14 -0700
-
bind9 (1:9.8.1.dfsg.P1-1~build1) precise; urgency=low
* precise upload
bind9 (1:9.8.1.dfsg.P1-1) unstable; urgency=low
[Internet Software Consortium, Inc]
* 9.8.1-P1
- Cache lookup could return RRSIG data associated with nonexistent
records, leading to an assertion failure.
[LaMont Jones]
* add a readme entry for DNSSEC-by-default
* Failed to install due to chgrp on non-existant directory. Closes: #647598
* ack NMU: l10n issues
bind9 (1:9.8.1.dfsg-1.1) unstable; urgency=low
* Non-maintainer upload.
* Fix pending l10n issues. Debconf translations:
- Danish (Joe Hansen). Closes: #619302
- Korean (강민지). Closes: #632006, #632016
- Serbian (FULL NAME). Closes: #634886
-- LaMont Jones <email address hidden> Thu, 19 Jan 2012 12:30:31 -0700
-
bind9 (1:9.7.3.dfsg-1ubuntu5) precise; urgency=low
* SECURITY UPDATE: denial of service via specially crafted packet
- bin/named/query.c,lib/dns/rbtdb.c: correctly handle cache lookups
that return RRSIG data associated with nonexistent records.
- Patch backported from 9.7.4-P1.
- CVE-2011-4313
-- Marc Deslauriers <email address hidden> Wed, 16 Nov 2011 14:22:11 -0500
-
bind9 (1:9.7.3.dfsg-1ubuntu4) oneiric; urgency=low
* debian/apparmor-profile: Allow /var/run and /run. (LP: #810270)
-- Martin Pitt <email address hidden> Thu, 14 Jul 2011 15:15:45 +0200