[ubuntu/jammy-proposed] bind9 1:9.18.0-2ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Mar 17 14:12:13 UTC 2022 

bind9 (1:9.18.0-2ubuntu3) jammy; urgency=medium

  * SECURITY UPDATE: cache poisoning via bogus NS records
    - debian/patches/CVE-2021-25220.patch: tighten rules for acceptance of
      records into the cache in lib/dns/resolver.c.
    - CVE-2021-25220
  * SECURITY UPDATE: DoS via specially crafted TCP stream
    - debian/patches/CVE-2022-0396.patch: ensure correct ordering in
      lib/isc/netmgr/netmgr.c.
    - CVE-2022-0396
  * SECURITY UPDATE: DNAME insist with synth-from-dnssec enabled
    - debian/patches/CVE-2022-0635.patch: fix logic in lib/dns/rbtdb.c.
    - CVE-2022-0635
  * SECURITY UPDATE: Assertion failure on delayed DS lookup
    - debian/patches/CVE-2022-0667.patch: fix logic in lib/dns/resolver.c.
    - CVE-2022-0667

Date: Thu, 17 Mar 2022 09:33:36 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.0-2ubuntu3
-------------- next part --------------
Format: 1.8
Date: Thu, 17 Mar 2022 09:33:36 -0400
Source: bind9
Built-For-Profiles: noudeb
Architecture: source
Version: 1:9.18.0-2ubuntu3
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 bind9 (1:9.18.0-2ubuntu3) jammy; urgency=medium
 .
   * SECURITY UPDATE: cache poisoning via bogus NS records
     - debian/patches/CVE-2021-25220.patch: tighten rules for acceptance of
       records into the cache in lib/dns/resolver.c.
     - CVE-2021-25220
   * SECURITY UPDATE: DoS via specially crafted TCP stream
     - debian/patches/CVE-2022-0396.patch: ensure correct ordering in
       lib/isc/netmgr/netmgr.c.
     - CVE-2022-0396
   * SECURITY UPDATE: DNAME insist with synth-from-dnssec enabled
     - debian/patches/CVE-2022-0635.patch: fix logic in lib/dns/rbtdb.c.
     - CVE-2022-0635
   * SECURITY UPDATE: Assertion failure on delayed DS lookup
     - debian/patches/CVE-2022-0667.patch: fix logic in lib/dns/resolver.c.
     - CVE-2022-0667
Checksums-Sha1:
 434e93e60aa7a0f9f840f4df8e3b150f619512df 2943 bind9_9.18.0-2ubuntu3.dsc
 b9e13fd1eb88b5d02aea07233b2d8e4922463794 92128 bind9_9.18.0-2ubuntu3.debian.tar.xz
 12f676b2ab7d55e8274a962ef5a7e98bc1069417 8383 bind9_9.18.0-2ubuntu3_source.buildinfo
Checksums-Sha256:
 3ee4dc6475ed176a1bb315bbd2f04ff8cbe4b322196ed3884965fdf1009ffb2e 2943 bind9_9.18.0-2ubuntu3.dsc
 314aafba83c903d3ea0d510e05d376c80754cd21e210668601605cc9a251e120 92128 bind9_9.18.0-2ubuntu3.debian.tar.xz
 c33785e21c27464546557f76f3f7c37982c4bea2d079f0ae5896434b4fa2658b 8383 bind9_9.18.0-2ubuntu3_source.buildinfo
Files:
 f440b69949c397922b79d80649d222e4 2943 net optional bind9_9.18.0-2ubuntu3.dsc
 7fa117a1c95d01176b49f096ebca1414 92128 net optional bind9_9.18.0-2ubuntu3.debian.tar.xz
 f88d3f6422e58273fde2a45a29f92775 8383 net optional bind9_9.18.0-2ubuntu3_source.buildinfo
Original-Maintainer: Debian DNS Team <team+dns at tracker.debian.org>

More information about the jammy-changes mailing list