bind9 (1:9.10.3.dfsg.P4-1) experimental; urgency=medium [ ISC ] * New upstream: 9.10.3-P3 - Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396] - render_ecs errors were mishandled when printing out a OPT record resulting in a assertion failure. (CVE-2015-8705) [RT #41397] - Fixed a regression in resolver.c:possibly_mark() which caused known-bogus servers to be queried anyway. [RT #41321] * New upstream: 9.10.3-P4 - Malformed control messages can trigger assertions in named and rndc. (CVE-2016-1285) [RT #41666] - Fix resolver assertion failure due to improper DNAME handling when parsing fetch reply messages. (CVE-2016-1286) [RT #41753] - Duplicate EDNS COOKIE options in a response could trigger an assertion failure. (CVE-2016-2088) [RT #41809]
[LaMont Jones] * Do not build -export libs for libbind90 and liblwres. Relates in part to, and is the last fix to LP: #1551351 * update patches for 9.10.3.dfsg.P4. Drop 50_CVE_2015-8704.diff [ Stefan Bader ] * Do not modify signal handlers for external apps. LP: #1556175 Date: Thu, 17 Mar 2016 14:53:36 -0600 Changed-By: LaMont Jones <lam...@debian.org> https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 17 Mar 2016 14:53:36 -0600 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-140 libdns162 libirs141 libisc160 liblwres141 libisccc140 libisccfg140 dnsutils lwresd libbind-export-dev libdns-export162 libdns-export162-udeb libisc-export160 libisc-export160-udeb libisccfg-export140 libisccc-export140 libisccc-export140-udeb libisccfg-export140-udeb libirs-export141 libirs-export141-udeb Architecture: source Version: 1:9.10.3.dfsg.P4-1 Distribution: xenial Urgency: medium Maintainer: LaMont Jones <lam...@debian.org> Changed-By: LaMont Jones <lam...@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind-export-dev - Development files for the exported BIND libraries libbind9-140 - BIND9 Shared Library used by BIND libdns-export162 - Exported DNS Shared Library libdns-export162-udeb - Exported DNS library for debian-installer (udeb) libdns162 - DNS Shared Library used by BIND libirs-export141 - Exported IRS Shared Library libirs-export141-udeb - Exported IRS library for debian-installer (udeb) libirs141 - DNS Shared Library used by BIND libisc-export160 - Exported ISC Shared Library libisc-export160-udeb - Exported ISC library for debian-installer (udeb) libisc160 - ISC Shared Library used by BIND libisccc-export140 - Command Channel Library used by BIND libisccc-export140-udeb - Command Channel Library used by BIND (udeb) libisccc140 - Command Channel Library used by BIND libisccfg-export140 - Exported ISC CFG Shared Library libisccfg-export140-udeb - Exported ISC CFG library for debian-installer (udeb) libisccfg140 - Config File Handling Library used by BIND liblwres141 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Changes: bind9 (1:9.10.3.dfsg.P4-1) experimental; urgency=medium . [ ISC ] * New upstream: 9.10.3-P3 - Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396] - render_ecs errors were mishandled when printing out a OPT record resulting in a assertion failure. (CVE-2015-8705) [RT #41397] - Fixed a regression in resolver.c:possibly_mark() which caused known-bogus servers to be queried anyway. [RT #41321] * New upstream: 9.10.3-P4 - Malformed control messages can trigger assertions in named and rndc. (CVE-2016-1285) [RT #41666] - Fix resolver assertion failure due to improper DNAME handling when parsing fetch reply messages. (CVE-2016-1286) [RT #41753] - Duplicate EDNS COOKIE options in a response could trigger an assertion failure. (CVE-2016-2088) [RT #41809] . [LaMont Jones] . * Do not build -export libs for libbind90 and liblwres. Relates in part to, and is the last fix to LP: #1551351 * update patches for 9.10.3.dfsg.P4. Drop 50_CVE_2015-8704.diff . [ Stefan Bader ] . * Do not modify signal handlers for external apps. LP: #1556175 Checksums-Sha1: 361d84ba92889e4c1037ed3909aaa854bbffaf6e 3699 bind9_9.10.3.dfsg.P4-1.dsc 36d20fd54a67b1fbcb65277887bf150070207210 8641072 bind9_9.10.3.dfsg.P4.orig.tar.gz beb6adfe8a5e3356ffd679f43850500ac87cf4d9 64080 bind9_9.10.3.dfsg.P4-1.debian.tar.xz Checksums-Sha256: 99ef223d5b9168c86b33c26e74e1d4d698c664e5bce53e051e3fea90d54fa9f4 3699 bind9_9.10.3.dfsg.P4-1.dsc 895077c868d06eea39c1526624f2278a3b51a3358b5aa50f48a0f1c16a7ab6e6 8641072 bind9_9.10.3.dfsg.P4.orig.tar.gz 136db01be75a2c2eb6c61451c804bc48fe32d471ce59b4582f5366d66f3e26dc 64080 bind9_9.10.3.dfsg.P4-1.debian.tar.xz Files: 871c335360465eca92ce5123a118a06b 3699 net optional bind9_9.10.3.dfsg.P4-1.dsc 909aa9f0c48b7c2d0d604ea78d9fc607 8641072 net optional bind9_9.10.3.dfsg.P4.orig.tar.gz 21710521a75495d20ce172009dd9083f 64080 net optional bind9_9.10.3.dfsg.P4-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBVusgK9VHlGMnADo/AQhGfA/+KbfZ2b7WeeDbOYlbiTI/R3l4/vT2L0J4 u80ztv4kNZWc8Xv2bUuTqBTDrYNJUh+BEUPIlnZ2MFujCosDE8/Is417k7YsKs+u 2ivGNXWV680epOC0A5dopAc4UDAZ/Clnhj0FS4x34Cl1Hh626Z3NWTa5t+aYpCHf PpZHlZvFe8FQb6dmucHFOoo5m9jOQoK27uS+HW4R/cBWqNmAjOH6oR3su344w9Az oMUlT9DaWlcl88tqMCCGtFH8M6K2zPhaKhvX/dF8hMIY2UCvnaqwL95wXwWoWf+Y 3Nx/FvpfdBueLnH/dPvDTkYS6p5zhpNsKoxEptGI4FW/D3ZnpcoyZRqePfizOA4n ofdtfvY9x6CmmHKL2pjWtyHKFP8fcCkbV5wjji9VmXFG7TkxSGBZ9zqcj+YBrHBK kQ0UmylzxP94Sl2Nl42Zpx/cQDT+oT6dAiaFTydIm+YYEepO4hxkkXl5+8wfARLE rH0jkWMSUgRP5giH2+NFSED6ae6TRABwf3JXYHBADyHosvg299lUlDshOUHOFA0Y iVqYxhFgf1JUElkpOHLMt1F/hImZDRJmRKXlvjBa4Nqgemoq1kdW+ACzoG8l4bTW srPt9BcHEXekaqTXg6YG7Rb6ZLkpNvuIh55VbY+oooA4i28aZ3nTiwPiix3OyUDJ nR5Edez8C/8= =PEdW -----END PGP SIGNATURE-----
-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes