[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

** No longer affects: bind-dyndb-ldap (Ubuntu Focal)

** Changed in: bind9 (Ubuntu Focal)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind9 source package in Focal:
  In Progress
Status in bind-dyndb-ldap source package in Jammy:
  Fix Committed
Status in bind9 source package in Jammy:
  Fix Released
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Released

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200

  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972

  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  bind-9-18-12

  
  For bind9 9.16.2-9.16.39, major changes include:

  CVE fixes (These already existed as 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

** Merge proposal linked:
   
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind9/+git/bind9/+merge/439956

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  Fix Committed
Status in bind9 source package in Jammy:
  Fix Released
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Released

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200

  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972

  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  bind-9-18-12

  
  For bind9 9.16.2-9.16.39, major changes include:

  CVE 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

** Description changed:

  This bug tracks an update for the bind9 package, moving to versions:
  
  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36
  
  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.
  
  [Upstream changes]
  
  For bind9 9.18.2-9.18.12, major changes include:
  
  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924
  
  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs
  
  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option
  
  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200
  
  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972
  
  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  bind-9-18-12
  
+ 
+ For bind9 9.16.2-9.16.39, major changes include:
+ 
+ CVE fixes (These already existed as patches but are now included as part of 
upstream):
+ CVE-2020-8616
+ CVE-2020-8617
+ CVE-2020-8618
+ CVE-2020-8619,
+ CVE-2020-8620
+ CVE-2020-8621
+ CVE-2020-8622
+ CVE-2020-8623
+ CVE-2020-8624
+ CVE-2020-8625
+ CVE-2021-25214
+ CVE-2021-25215
+ CVE-2021-25219
+ CVE-2021-25220
+ CVE-2022-2795
+ CVE-2022-38177
+ CVE-2022-38178
+ CVE-2022-3094
+ 
+ Features:
+ update-quota option
+ parental-agents configuration option
+ stale-refresh-time configuration option
+ stale-cache-enable configuration option
+ purge-keys and nsec3param options in dnssec-policy
+ max-ixfr-ratio option
+ stale-answer-client-timeout option
+ rndc dnssec -rollover command
+ rndc dnssec -checkds command
+ rndc dnssec -status command
+ 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Launchpad Bug Tracker]

This bug was fixed in the package bind9 - 1:9.18.12-0ubuntu0.22.10.1

---
bind9 (1:9.18.12-0ubuntu0.22.10.1) kinetic; urgency=medium

  * New upstream releases 9.18.5 - 9.18.12 (LP: #2003586)
- Updates:
  + update-quota option
  + named -V shows supported cryptographic algorithms
- Bug Fixes Include:
  + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
  + Fix incomplete results using dig with +nssearch (LP: #1970252)
  + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924
  + Fix thread safety in dns_dispatch
  + Fix ADB quota management in resolver
  + Fix Prohibited DNS error on allow-recursion
  + Fix crash when restarting server with active statschannel connection
  + Fix use after free for catalog zone processing
  + Fix leak of dns_keyfileio_t objects
  + Fix nslookup failure to use port option when record type ANY is used
  + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
  + Fix inheritance when setting remote server port
  + Fix assertion error when accessing statistics channel
  + Fix rndc dumpdb -expired for stuck cache
  + Fix check for other name servers after receiving FORMERR
  + See 
https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
- d/t/zonetest: Add dep8 test for checking the domain zone creation process
- d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * d/p/0001-Disable-treat-warnings-as-errors-in-sphinx-build.patch: refresh to
apply with version 9.18.8
  * Remove CVE patches fixed upstream:
- debian/patches/CVE-2022-2795.patch
- debian/patches/CVE-2022-2881.patch
- debian/patches/CVE-2022-2906.patch
- debian/patches/CVE-2022-3080.patch
- debian/patches/CVE-2022-38178.patch
  [Included in upstream release 9.18.7]
- debian/patches/CVE-2022-3094.patch
- debian/patches/CVE-2022-3736.patch
- debian/patches/CVE-2022-3924.patch
  [Included in upstream release 9.18.11]

 -- Lena Voytek   Wed, 08 Mar 2023 08:49:53
-0700

** Changed in: bind9 (Ubuntu Kinetic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  Fix Committed
Status in bind9 source package in Jammy:
  Fix Released
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Released

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Launchpad Bug Tracker]

This bug was fixed in the package bind9 - 1:9.18.12-0ubuntu0.22.04.1

---
bind9 (1:9.18.12-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream releases 9.18.2 - 9.18.12 (LP: #2003586)
- Updates:
  + update-quota option
  + named -V shows supported cryptographic algorithms
  + Catalog Zones schema version 2 support in named
  + DNS error support Stale Answer and Stale NXDOMAIN Answer
  + Remote TLS certificate verification support
  + reusereport option
- Bug Fixes Include:
  + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
  + Fix incomplete results using dig with +nssearch (LP: #1970252)
  + Fix loading of preinstalled plugins (LP: #2006972)
  + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924,
CVE-2022-1183
  + Fix thread safety in dns_dispatch
  + Fix ADB quota management in resolver
  + Fix Prohibited DNS error on allow-recursion
  + Fix crash when restarting server with active statschannel connection
  + Fix use after free for catalog zone processing
  + Fix leak of dns_keyfileio_t objects
  + Fix nslookup failure to use port option when record type ANY is used
  + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
  + Fix inheritance when setting remote server port
  + Fix assertion error when accessing statistics channel
  + Fix rndc dumpdb -expired for stuck cache
  + Fix check for other name servers after receiving FORMERR
  + Fix deletion of CDS after zone sign
  + Fix dighost query context management
  + Fix dig hanging due to IPv4 mapped IPv6 address
  + See 
https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
- d/t/zonetest: Add dep8 test for checking the domain zone creation process
- d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * Remove patches for bugs LP #1964400 and LP #1964686 fixed upstream:
- lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv
- lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the
- lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo
- lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh
- lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe
- lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC
- lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-
  * Remove CVE patches fixed upstream:
- debian/patches/CVE-2022-1183.patch
  [Included in upstream release 9.18.3]
- debian/patches/CVE-2022-2795.patch
- debian/patches/CVE-2022-2881.patch
- debian/patches/CVE-2022-2906.patch
- debian/patches/CVE-2022-3080.patch
- debian/patches/CVE-2022-38178.patch
  [Included in upstream release 9.18.7]
- debian/patches/CVE-2022-3094.patch
- debian/patches/CVE-2022-3736.patch
- debian/patches/CVE-2022-3924.patch
  [Included in upstream release 9.18.11]

 -- Lena Voytek   Wed, 08 Mar 2023 12:08:55
-0700

** Changed in: bind9 (Ubuntu Jammy)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1183

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2795

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2881

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2906

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3080

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3094

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3736

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-38178

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3924

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  Fix Committed
Status in bind9 source package in Jammy:
  Fix Released
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Released

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

Verified installation success for Jammy and kinetic:

# lxc launch images:ubuntu/jammy test-bind-dyndb-ldap
# lxc exec test-bind-dyndb-ldap bash
# apt update && apt dist-upgrade -y

# apt install -y bind9-dyndb-ldap
...
The following packages have unmet dependencies:
 bind9-dyndb-ldap : Depends: bind9-libs (= 1:9.18.1-1ubuntu1) but 
1:9.18.1-1ubuntu1.3 is to be installed
E: Unable to correct problems, you have held broken packages.


# cat 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Timo Aaltonen]

Hello Lena, or anyone else affected,

Accepted bind-dyndb-ldap into jammy-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/bind-dyndb-
ldap/11.9-5ubuntu0.22.04.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: bind-dyndb-ldap (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags removed: verification-done-jammy
** Tags added: verification-needed-jammy

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  Fix Committed
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Timo Aaltonen]

Hello Lena, or anyone else affected,

Accepted bind-dyndb-ldap into kinetic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/bind-dyndb-
ldap/11.10-1ubuntu0.22.10.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
kinetic to verification-done-kinetic. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-kinetic. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: bind-dyndb-ldap (Ubuntu Kinetic)
   Status: In Progress => Fix Committed

** Tags removed: verification-done verification-done-kinetic
** Tags added: verification-needed verification-needed-kinetic

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  Fix Committed
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

Verified for Kinetic:

verified for bugs:
(LP: #2003584)
(LP: #2006972)
(LP: #1258003)
(LP: #1970252)

DEP-8 Tests work as expected:

autopkgtest [21:02:38]:  summary
simpletest PASS
validation FLAKY non-zero exit status 1
zonetest PASS

** Tags removed: verification-needed verification-needed-kinetic
** Tags added: verification-done verification-done-kinetic

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Simon Déziel]

I've tested the Jammy -proposed package and it works well here:

The following packages will be upgraded:
   bind9 (1:9.18.1-1ubuntu1.3 => 1:9.18.12-0ubuntu0.22.04.1)
   bind9-dnsutils (1:9.18.1-1ubuntu1.3 => 1:9.18.12-0ubuntu0.22.04.1)
   bind9-host (1:9.18.1-1ubuntu1.3 => 1:9.18.12-0ubuntu0.22.04.1)
   bind9-libs (1:9.18.1-1ubuntu1.3 => 1:9.18.12-0ubuntu0.22.04.1)
   bind9-utils (1:9.18.1-1ubuntu1.3 => 1:9.18.12-0ubuntu0.22.04.1)
5 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.
Need to get 1,870 kB of archives.


The journal output looks good:

Mar 20 17:31:30 bind named[1088]: all zones loaded
Mar 20 17:31:30 bind named[1088]: running

It successfully loaded my 28 zones (most of them using DNSSEC) and was
able to transfer zones properly.

# rndc status
version: BIND 9.18.12-0ubuntu0.22.04.1-Ubuntu (Extended Support Version)  
(version.bind/txt/ch disabled)
running on bind: Linux x86_64 5.19.0-35-generic #36~22.04.1-Ubuntu SMP 
PREEMPT_DYNAMIC Fri Feb 17 15:17:25 UTC 2
boot time: Mon, 20 Mar 2023 17:31:30 GMT
last configured: Mon, 20 Mar 2023 17:31:30 GMT
configuration file: /etc/bind/named.conf
CPUs found: 2
worker threads: 2
UDP listeners per interface: 2
number of zones: 28 (0 automatic)
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/900/1000
tcp clients: 0/150
TCP high-water: 5
server is up and running

** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Timo Aaltonen]

oh cool, I missed those.. yes they look fine to me too.

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200

  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972

  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  bind-9-18-12

  [Test Plan]

  DEP-8 Tests:

  simpletest - Confirms bind9 daemon starts successfully and dig can
  find 127.0.0.1 

Re: [Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Sergio Durigan Junior]

On Saturday, March 18 2023, Timo Aaltonen wrote:

> Lena, I can help with the bind-dyndb-ldap backports. The version in
> lunar has everything, it should be backportable as-is to kinetic, but I
> wonder if the same would be fine for jammy too.

Timo, Lena prepared an SRU for bind-dyndb-ldap for Jammy and Kinetic:

https://code.launchpad.net/~lvoytek/ubuntu/+source/bind-dyndb-ldap/+git/bind-dyndb-ldap/+merge/438637
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind-dyndb-ldap/+git/bind-dyndb-ldap/+merge/438564

Everything is looking good; I was just waiting for bind9 to be accepted
because Lena's bind-dyndb-ldap won't build with bind9 < 9.18.12.  Now
that both packages are in -proposed, I'll upload her changes soon.

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Timo Aaltonen]

Lena, I can help with the bind-dyndb-ldap backports. The version in
lunar has everything, it should be backportable as-is to kinetic, but I
wonder if the same would be fine for jammy too.

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200

  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972

  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Steve Langasek]

Hello Lena, or anyone else affected,

Accepted bind9 into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/bind9/1:9.18.12-0ubuntu0.22.04.1 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: bind9 (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-jammy

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  Fix Committed
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Steve Langasek]

Hello Lena, or anyone else affected,

Accepted bind9 into kinetic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/bind9/1:9.18.12-0ubuntu0.22.10.1 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
kinetic to verification-done-kinetic. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-kinetic. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: bind9 (Ubuntu Kinetic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-kinetic

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  In Progress
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  Fix Committed

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Steve Langasek]

** Description changed:

  This bug tracks an update for the bind9 package, moving to versions:
  
  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36
  
  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.
  
  [Upstream changes]
  
  For bind9 9.18.2-9.18.12, major changes include:
  
  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924
  
  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs
  
  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option
  
  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200
  
  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972
  
  Full release notes for versions 9.18.2-9.18.12:
  https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
  bind-9-18-12
  
  [Test Plan]
  
  DEP-8 Tests:
  
  simpletest - Confirms bind9 daemon starts successfully and dig can find
  127.0.0.1 through the default setup of bind9
  
  zonetest - Added in this update, currently in lunar. Confirms the
  functionality of named and bind9 by creating a local DNS zone and
  domain, and having dig look it up
  
  validation - This test is provided by Debian and consistently fails both
  before and after the update due to several issues. It is marked as
  flaky, and does not block autopkgtest passing overall
  
  Bug fix tests:
  
- Test for LP: #1258003 fix:
- # lxc launch images:ubuntu/{kinetic, jammy} test-bind9
- # lxc exec test-bind9
- # apt update && apt dist-upgrade -y
- # apt install dnsutils -y
- # dig google.com +nssearch +tcp
- - Before the update this leads to a crash ending 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Sergio Durigan Junior]

** Merge proposal linked:
   
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind-dyndb-ldap/+git/bind-dyndb-ldap/+merge/438637

** Merge proposal linked:
   
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind-dyndb-ldap/+git/bind-dyndb-ldap/+merge/438564

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  In Progress
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  In Progress

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.12, major changes include:

  CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200

  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972

  Full release notes for versions 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

** Description changed:

  This bug tracks an update for the bind9 package, moving to versions:
  
  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36
  
  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.
  
  [Upstream changes]
  
- For bind9 9.18.2-9.18.11, major changes include:
+ For bind9 9.18.2-9.18.12, major changes include:
  
- CVE fixes:
+ CVE fixes (These already existed as patches but are now included as part of 
upstream):
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924
  
  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs
  
  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option
  
  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3248
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3142
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3200
  
  This will also fix bugs LP: #1258003, LP: #1970252, and LP: #2006972
  
- Full release notes for versions 9.18.2-9.18.11:
- https://bind9.readthedocs.io/en/v9_18_11/notes.html#notes-for-
- bind-9-18-11
+ Full release notes for versions 9.18.2-9.18.12:
+ https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-
+ bind-9-18-12
  
  [Test Plan]
  
  DEP-8 Tests:
  
  simpletest - Confirms bind9 daemon starts successfully and dig can find
  127.0.0.1 through the default setup of bind9
  
  zonetest - Added in this update, currently in lunar. Confirms the
  functionality of named and bind9 by creating a local DNS zone and
  domain, and having dig look it up
  
  validation - This test is provided by Debian and consistently fails both
  before and after the update due to several issues. It is marked as
  flaky, and does not block autopkgtest passing overall
  
  Bug fix tests:
  
  Test for LP: #1258003 fix:
  # lxc launch 

[Freeipa] [Bug 2003586] Re: MRE Updates 9.18.12 / 9.16.36

[Lena Voytek]

** Also affects: bind-dyndb-ldap (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: bind-dyndb-ldap (Ubuntu)
   Status: New => Fix Released

** Changed in: bind-dyndb-ldap (Ubuntu Kinetic)
   Status: New => In Progress

** Changed in: bind-dyndb-ldap (Ubuntu Jammy)
   Status: New => In Progress

** Changed in: bind-dyndb-ldap (Ubuntu Jammy)
 Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: bind-dyndb-ldap (Ubuntu Focal)
 Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: bind-dyndb-ldap (Ubuntu Kinetic)
 Assignee: (unassigned) => Lena Voytek (lvoytek)

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/2003586

Title:
  MRE Updates 9.18.12 / 9.16.36

Status in bind-dyndb-ldap package in Ubuntu:
  Fix Released
Status in bind9 package in Ubuntu:
  Fix Released
Status in bind-dyndb-ldap source package in Focal:
  New
Status in bind9 source package in Focal:
  New
Status in bind-dyndb-ldap source package in Jammy:
  In Progress
Status in bind9 source package in Jammy:
  In Progress
Status in bind-dyndb-ldap source package in Kinetic:
  In Progress
Status in bind9 source package in Kinetic:
  In Progress

Bug description:
  This bug tracks an update for the bind9 package, moving to versions:

  * Kinetic (22.10): bind9 9.18.12
  * Jammy (22.04): bind9 9.18.12
  * Focal (20.04): bind9 9.16.36

  These updates include bug fixes following the SRU policy exception
  defined at https://wiki.ubuntu.com/Bind9Updates.

  [Upstream changes]

  For bind9 9.18.2-9.18.11, major changes include:

  CVE fixes:
  CVE-2022-1183
  CVE-2022-2795
  CVE-2022-2881
  CVE-2022-2906
  CVE-2022-3080
  CVE-2022-38178
  CVE-2022-3094
  CVE-2022-3736
  CVE-2022-3924

  Features:
  update-quota option
  named -V shows supported cryptographic algorithms
  Additional info given for recursion not available and query (cache) '...' 
denied outputs

  Jammy only (Kinetic already has these):
  Catalog Zones schema version 2 support in named
  DNS error support Stale Answer and Stale NXDOMAIN Answer
  remote TLS certificate verification support
  reusereport option

  Bug Fixes:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3178
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3636
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3772
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3752
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3678
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3637
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3739
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3743
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3725
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3693
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3683
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3727
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3638
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3183
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3721
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3707
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3591
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3598
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3247
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3584
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3627
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3563
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3603
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3542
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3557
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2982
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3439
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3438
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2918
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3462
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3400
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3402
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3152
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3415
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2506
  Jammy only:
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3327
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3380
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3302
  https://gitlab.isc.org/isc-projects/bind9/-/issues/2931
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3242
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3128
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3145
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3184
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3205
  https://gitlab.isc.org/isc-projects/bind9/-/issues/3244