[ubuntu/disco-proposed] bind9 1:9.11.5.P1+dfsg-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Feb 22 10:47:13 UTC 2019


bind9 (1:9.11.5.P1+dfsg-1ubuntu2) disco; urgency=medium

  * SECURITY UPDATE: memory leak via specially crafted packet
    - debian/patches/CVE-2018-5744.patch: silently drop additional keytag
      options in bin/named/client.c.
    - CVE-2018-5744
  * SECURITY UPDATE: assertion failure when a trust anchor rolls over to an
    unsupported key algorithm when using managed-keys
    - debian/patches/CVE-2018-5745.patch: properly handle situations when
      the key tag cannot be computed in lib/dns/include/dst/dst.h,
      lib/dns/zone.c.
    - CVE-2018-5745
  * SECURITY UPDATE: Controls for zone transfers may not be properly
    applied to Dynamically Loadable Zones (DLZs) if the zones are writable
    - debian/patches/CVE-2019-6465.patch: handle zone transfers marked in
      the zone table as a DLZ zone bin/named/xfrout.c.
    - CVE-2019-6465

Date: Fri, 22 Feb 2019 10:52:30 +0100
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.11.5.P1+dfsg-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 22 Feb 2019 10:52:30 +0100
Source: bind9
Architecture: source
Version: 1:9.11.5.P1+dfsg-1ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 bind9 (1:9.11.5.P1+dfsg-1ubuntu2) disco; urgency=medium
 .
   * SECURITY UPDATE: memory leak via specially crafted packet
     - debian/patches/CVE-2018-5744.patch: silently drop additional keytag
       options in bin/named/client.c.
     - CVE-2018-5744
   * SECURITY UPDATE: assertion failure when a trust anchor rolls over to an
     unsupported key algorithm when using managed-keys
     - debian/patches/CVE-2018-5745.patch: properly handle situations when
       the key tag cannot be computed in lib/dns/include/dst/dst.h,
       lib/dns/zone.c.
     - CVE-2018-5745
   * SECURITY UPDATE: Controls for zone transfers may not be properly
     applied to Dynamically Loadable Zones (DLZs) if the zones are writable
     - debian/patches/CVE-2019-6465.patch: handle zone transfers marked in
       the zone table as a DLZ zone bin/named/xfrout.c.
     - CVE-2019-6465
Checksums-Sha1:
 54666c1560389f69e7829ad62ffeb0eba8dedafd 3963 bind9_9.11.5.P1+dfsg-1ubuntu2.dsc
 b5bdc6f14dd26b6c8dd185007d12f34f4fcc4b96 82252 bind9_9.11.5.P1+dfsg-1ubuntu2.debian.tar.xz
 06e15b3f0510848bb12088f2465151b7c80bbe2b 8027 bind9_9.11.5.P1+dfsg-1ubuntu2_source.buildinfo
Checksums-Sha256:
 8e3b7b9ba4fc322025ab6e6ed19f275d678740a5c15c2254ec3b665d85228085 3963 bind9_9.11.5.P1+dfsg-1ubuntu2.dsc
 d53ae9d8681f3f211ea4c054bc06c78943c32c74c108a2c601434236d0b16e93 82252 bind9_9.11.5.P1+dfsg-1ubuntu2.debian.tar.xz
 e0c3635bf7fa02c39209bdaade556cb8cb288b421d51906175f92857075ca7ba 8027 bind9_9.11.5.P1+dfsg-1ubuntu2_source.buildinfo
Files:
 25496c5a2a727ba0a92a37a32ab321f3 3963 net optional bind9_9.11.5.P1+dfsg-1ubuntu2.dsc
 f8e0e6ed7b0c1ee9749fe22252b5b3ea 82252 net optional bind9_9.11.5.P1+dfsg-1ubuntu2.debian.tar.xz
 06c45dcee1d51dd385a5a8c008cd2dba 8027 net optional bind9_9.11.5.P1+dfsg-1ubuntu2_source.buildinfo
Original-Maintainer: Debian DNS Team <team+dns at tracker.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlxv0m4ACgkQZWnYVadE
vpN3LBAAp+dLH8yTeXhuhx1H/+9Npx3/lJtgcpugoSd8rXdZqHvV7phKqfXysJwS
Z16k4W9gG5PO5WCAZmv9iIpynBaR7BtY7GXdpKw7HWxzn6U8BUCUD6+Ge6OMJq6x
D3hhLG11X1TZxGGNUbz1TApYskRP72eLbtHjNzcBghAuPl8r2gy2B8QlplxMdOT2
GFQCyRxbUyksEZxn7Z0iYfKtv+Nl+BEqx4hWTtGIY+I/ZOUeNOPzgQribgS3nsQk
BCISDy7oDkngi1A4dcur1Hiv4AZqZLlDHW/VPtEN1LkKGy3m35Vt/AhWIBfjHwSj
GHriBTGCGIpOn9Qf/gcpxjSGynYByrSpVUfXwpTThNEMSarxLeAAWN5/N4XE9c4t
AW/TeR8rLibNhUZBSnMP/86kHsS6RV2SWXtBVLpLA8yl+9A9oVv/qSFuKj8zt4wS
bGBVpnLc/Un/lVFKE2gAa+Km4A8lC8zsAmGlNPocVn6qITkB2gF1UNQ4KZbymjck
3JV5kRbA1d5o8tbigDhzyfN2rIFkCvZrctNe/uRbaxm8WKjdGNJdm0uOlKKUV7Li
ZTEwhSdrN+aiiQteAaBheus+jGqqB1yIa+kRY+OOpTFHBQxSp1qUj/tLFJj2SJQW
wO/4KpmnIrFuaWZg+n91HGzNEvVqfDKej4XGbs/o39dVeJMeJsQ=
=XO09
-----END PGP SIGNATURE-----


More information about the Disco-changes mailing list