[ubuntu/groovy-proposed] bind9 1:9.16.4-1ubuntu1 (Accepted)

[Andreas Hasenack]

bind9 (1:9.16.4-1ubuntu1) groovy; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - Don't build dnstap as it depends on universe packages:
      + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
        protobuf-c-compiler (universe packages)
      + d/dnsutils.install: don't install dnstap
      + d/libdns1104.symbols: don't include dnstap symbols
      + d/rules: don't build dnstap nor install dnstap.proto
    - Add back apport:
      + d/bind9.apport: add back old bind9 apport hook, but without calling
        attach_conffiles() since that is already done by apport itself, with
        confirmation from the user.
      + d/control, d/rules: buil-depends on dh-apport and use it
    - d/t/simpletest: drop the internetsociety.org test as it requires
      network egress access that is not available in the Ubuntu autopkgtest
      farm.
    - d/NEWS: mention some of the bigger changes in 9.16.0 packaging
    - d/t/control: change the dep8 test dependency to be on the real
      bind9-dnsutils package, and not the transitional one (LP #1864761)
    - d/rules: change deprecated --with-libjson-c configure argument to
      --with-json-c
  * Dropped:
    - SECURITY UPDATE: assertion when attempting to fill oversized TCP buffer
      + debian/patches/CVE-2020-8618.patch: add fix to lib/ns/client.c,
        lib/ns/include/ns/client.h, lib/ns/xfrout.c.
      + CVE-2020-8618
      [Fixed upstream]
    - SECURITY UPDATE: INSIST failure when a zone with an interior wildcard
      label was queried in a certain pattern
      + debian/patches/CVE-2020-8619.patch: add fix to lib/dns/rbtdb.c.
      + CVE-2020-8619
      [Fixed upstream]
  * Added changes:
    - d/not-installed: list dnstap-read.1 manpage, which is being
      installed by the makefile even when dnstap is disabled.

bind9 (1:9.16.4-1) unstable; urgency=medium

  * New upstream version 9.16.4
  * Update Debian packaging for sphinx-doc documentation

Date: Mon, 06 Jul 2020 15:22:36 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.16.4-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 06 Jul 2020 15:22:36 -0300
Source: bind9
Architecture: source
Version: 1:9.16.4-1ubuntu1
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Changes:
 bind9 (1:9.16.4-1ubuntu1) groovy; urgency=medium
 .
   * Merge with Debian unstable. Remaining changes:
     - Don't build dnstap as it depends on universe packages:
       + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
         protobuf-c-compiler (universe packages)
       + d/dnsutils.install: don't install dnstap
       + d/libdns1104.symbols: don't include dnstap symbols
       + d/rules: don't build dnstap nor install dnstap.proto
     - Add back apport:
       + d/bind9.apport: add back old bind9 apport hook, but without calling
         attach_conffiles() since that is already done by apport itself, with
         confirmation from the user.
       + d/control, d/rules: buil-depends on dh-apport and use it
     - d/t/simpletest: drop the internetsociety.org test as it requires
       network egress access that is not available in the Ubuntu autopkgtest
       farm.
     - d/NEWS: mention some of the bigger changes in 9.16.0 packaging
     - d/t/control: change the dep8 test dependency to be on the real
       bind9-dnsutils package, and not the transitional one (LP #1864761)
     - d/rules: change deprecated --with-libjson-c configure argument to
       --with-json-c
   * Dropped:
     - SECURITY UPDATE: assertion when attempting to fill oversized TCP buffer
       + debian/patches/CVE-2020-8618.patch: add fix to lib/ns/client.c,
         lib/ns/include/ns/client.h, lib/ns/xfrout.c.
       + CVE-2020-8618
       [Fixed upstream]
     - SECURITY UPDATE: INSIST failure when a zone with an interior wildcard
       label was queried in a certain pattern
       + debian/patches/CVE-2020-8619.patch: add fix to lib/dns/rbtdb.c.
       + CVE-2020-8619
       [Fixed upstream]
   * Added changes:
     - d/not-installed: list dnstap-read.1 manpage, which is being
       installed by the makefile even when dnstap is disabled.
 .
 bind9 (1:9.16.4-1) unstable; urgency=medium
 .
   * New upstream version 9.16.4
   * Update Debian packaging for sphinx-doc documentation
Checksums-Sha1:
 38f0efd63b45afbf884b5ecc94f0e772ed1fc9c5 2794 bind9_9.16.4-1ubuntu1.dsc
 e6cb05910a6bb9dbc36b3b6d88de7b28fa78c299 3465172 bind9_9.16.4.orig.tar.xz
 229e73dc3543a59687dee2c71a127e7dc984bdad 68040 bind9_9.16.4-1ubuntu1.debian.tar.xz
 0b3d2f015a41e6c258ef09f7e39d652fef5875b2 9380 bind9_9.16.4-1ubuntu1_source.buildinfo
Checksums-Sha256:
 6039a20448a05d66cc9b56ba609220dc2c08ddcb324c3b466c8de348fd6d7e2a 2794 bind9_9.16.4-1ubuntu1.dsc
 7522088d3daac8bcabaae37998178e09139ef5ccae6631cb1d8a625b770f370a 3465172 bind9_9.16.4.orig.tar.xz
 0dec0260692cf28b880b5e22773cdc426ef1997254c34b742b2a651d7caa2733 68040 bind9_9.16.4-1ubuntu1.debian.tar.xz
 79ba0d406ab524b67c875d23ad7ed31bbce1bd3abe497cede3fcbfc0d50aab74 9380 bind9_9.16.4-1ubuntu1_source.buildinfo
Files:
 770b30d839421411b8d4b4f6384e6ec0 2794 net optional bind9_9.16.4-1ubuntu1.dsc
 35c9ac52b75232e9e6b96265bebca616 3465172 net optional bind9_9.16.4.orig.tar.xz
 06b4d3c5d623240af704ecba2a739bcd 68040 net optional bind9_9.16.4-1ubuntu1.debian.tar.xz
 7e63be9a5b36ea4b3a271696e9628fd2 9380 net optional bind9_9.16.4-1ubuntu1_source.buildinfo
Original-Maintainer: Debian DNS Team <team+dns at tracker.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEiGZB1jWM2kalbBxyrJg+tb9ry6kFAl8F1lIACgkQrJg+tb9r
y6mscxAAlLZH/JP1PeMgkKfbXPLcudc8q9B9Zj+iQ7t1BpmG9SSDur0PN5/5J2q3
Ol5FRSOF6rCb+InlTajIpWeu/X3GV9/20iLU08slQ3slo4+G+0e9Cf8CFQvKV5E8
aeACj+xPMjQICfpWvKJDICLiVIDzwBZ0DihHC5oSHE0hKwafXD7B2AHsuU97zRo1
FIOsNuJ9CZuKmQXZWqlvQjuyOmGbj5BUikjvD7ogUdPLH5pgb8vthI8XPtPql9XW
uuOYBtR5InPg1t4tS3/pwO0Zcfl+/V/hzh5XDV1JBpXz+67DfFrY17P22k7pR7Af
/jtlTX3FigknIzIqg7+TYk/Jt1iYibV4KAgEteuOrvMZBQnPSyRKaLT2+KcfwO26
M1O7Vl/HmqVpEtMUozOZEdvfSrORkjB7aBcuvp9tUnVwIatkpE0dLdrdA8tJbBdD
MMfmc7X4qE63CX0d4YoHOTKqge/6RWQ06oP3NSnx2urybW4OZ70TTcM/b16PhvC7
9SO0kftMN3gVdQx3IfTIhwP6z6UY/7KA8bsTTLj922/fnukrIrDjismocoKNML1o
TksM++IKSuL7kcb8ueI0PcxWoAAqAe1i2aM/65cXBkWu3i82wu3lWkOKuGaaR9B/
WvaPeBFfx1U0/BKdXgg8CKqOqNWG7yi/eXSV9Gj6YqoQ8NpU4zg=
=EKVT
-----END PGP SIGNATURE-----