Superseded
by bind9 - 1:9.19.24-1+ubuntu22.04.1+deb.sury.org+1
Published
Changelog
bind9 (1:9.19.23-1+ubuntu22.04.1+deb.sury.org+1) jammy; urgency=medium
* No-change backport to jammy.
bind9 (1:9.19.23-1) unstable; urgency=medium
* New upstream version 9.19.23
bind9 (1:9.19.22-1) unstable; urgency=medium
* New upstream version 9.19.22
- A regression caused by CVE-2023-6516 fix could lead into
an out-of-memory condition when the server is under heavy
load.
bind9 (1:9.19.21-1) unstable; urgency=high
[ Helmut Grohne ]
* Drop unused Build-Depends: python3. (Closes: #1063448)
[ Ondřej Surý ]
* New upstream version 9.19.21
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
load
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
failure when "nxdomain-redirect" is enabled
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
assertion failure during recursive resolution
- CVE-2023-6516: Specific recursive query patterns may lead to an
out-of-memory condition
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
CPU resources
bind9 (1:9.19.19-1) unstable; urgency=medium
[ Ondřej Surý ]
* New upstream version 9.19.19
[ Bernhard Schmidt ]
* Sync 9.18 to 9.19 (Closes: #1056984)
bind9 (1:9.19.18-1) unstable; urgency=medium
* New upstream version 9.19.18
bind9 (1:9.19.17-1) unstable; urgency=medium
* New upstream version 9.19.17
- CVE-2023-3341: A stack exhaustion flaw in control channel code may
cause named to terminate unexpectedly (Closes: #1052416)
- CVE-2023-4236: named may terminate unexpectedly under high
DNS-over-TLS query load (Closes: #1052417)
bind9 (1:9.19.16-1) experimental; urgency=medium
* New upstream version 9.19.16
bind9 (1:9.19.15-1) experimental; urgency=medium
* New upstream version 9.19.15
bind9 (1:9.19.14-1) experimental; urgency=medium
* New upstream version 9.19.14
bind9 (1:9.19.13-1) experimental; urgency=medium
* New upstream version 9.19.13
bind9 (1:9.19.12-2) experimental; urgency=medium
* Add liburcu-dev to Build-Depends
bind9 (1:9.19.12-1) experimental; urgency=medium
* New upstream version 9.19.12
bind9 (1:9.19.11-1) experimental; urgency=medium
* New upstream version 9.19.11
* Update the d/bind9-dev.install, d/bind9.install and d/not-installed
after library squash
bind9 (1:9.19.10-1) experimental; urgency=medium
* New upstream version 9.19.10
* Drop libtool-bin from B-D (Closes: #1022968)
bind9 (1:9.19.9-2) experimental; urgency=medium
* Allow the named to use systemd notify service
bind9 (1:9.19.9-1) experimental; urgency=medium
* New upstream version 9.19.9
bind9 (1:9.19.8-1) experimental; urgency=medium
* New upstream version 9.19.8
bind9 (1:9.19.7-1) experimental; urgency=medium
* New upstream version 9.19.7
bind9 (1:9.19.6-2) experimental; urgency=medium
* Use systemd notify for service readyness check (Closes: #994696)
bind9 (1:9.19.6-1) experimental; urgency=medium
* New upstream version 9.19.6
bind9 (1:9.19.5-1) experimental; urgency=medium
* New upstream version 9.19.5
- CVE-2022-2795: Processing large delegations may severely degrade
resolver performance
- CVE-2022-2881: Buffer overread in statistics channel code
- CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key
exchange via TKEY RRs (OpenSSL 3.0.0+ only)
- CVE-2022-3080: BIND 9 resolvers configured to answer from stale
cache with zero stale-answer-client-timeout may terminate unexpectedly
- CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code
- CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code
bind9 (1:9.19.4-1) unstable; urgency=medium
* Remove doc/misc/options.active from the docs
* New upstream version 9.19.4
bind9 (1:9.19.3-1) unstable; urgency=medium
* New upstream version 9.19.3
bind9 (1:9.19.2-1) unstable; urgency=medium
* New upstream version 9.19.2
bind9 (1:9.19.1-1) unstable; urgency=medium
* Disable treat-warnings-as-errors in sphinx-build
* New upstream version 9.19.1
bind9 (1:9.19.0-1) unstable; urgency=medium
* Update d/ for BIND 9.19 Development
* New upstream version 9.19.0
-- Ondřej Surý <email address hidden> Wed, 17 Apr 2024 23:49:04 +0200