[ubuntu/mantic-proposed] bind9 1:9.18.18-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Sat Sep 23 05:10:39 UTC 2023 

bind9 (1:9.18.18-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: DoS via recusive packet parsing
    - debian/patches/CVE-2023-3341.patch: add a max depth check to
      lib/isc/include/isc/result.h, lib/isc/result.c, lib/isccc/cc.c.
    - CVE-2023-3341
  * SECURITY UPDATE: Dos via DNS-over-TLS queries
    - debian/patches/CVE-2023-4236.patch: check return code in
      lib/isc/netmgr/tlsdns.c.
    - CVE-2023-4236

Date: Wed, 20 Sep 2023 12:45:21 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.18-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 20 Sep 2023 12:45:21 -0400
Source: bind9
Built-For-Profiles: noudeb
Architecture: source
Version: 1:9.18.18-0ubuntu2
Distribution: mantic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 bind9 (1:9.18.18-0ubuntu2) mantic; urgency=medium
 .
   * SECURITY UPDATE: DoS via recusive packet parsing
     - debian/patches/CVE-2023-3341.patch: add a max depth check to
       lib/isc/include/isc/result.h, lib/isc/result.c, lib/isccc/cc.c.
     - CVE-2023-3341
   * SECURITY UPDATE: Dos via DNS-over-TLS queries
     - debian/patches/CVE-2023-4236.patch: check return code in
       lib/isc/netmgr/tlsdns.c.
     - CVE-2023-4236
Checksums-Sha1:
 e1f9f415c393e13fcf3290064a36d82663d74c5b 3276 bind9_9.18.18-0ubuntu2.dsc
 f77dd27fdd3afec0e8af377833c334692475ae58 73484 bind9_9.18.18-0ubuntu2.debian.tar.xz
 e10788c8539dd6341c9dc5be76db1547a2145ae3 8092 bind9_9.18.18-0ubuntu2_source.buildinfo
Checksums-Sha256:
 8e6498eeb8a76d3246028b196637b1cbfddd40460e231345ec7d11d1c7d1867d 3276 bind9_9.18.18-0ubuntu2.dsc
 2f5eedd34b8adeded06ddc31259d22c6730eb238759581886c5c308f0a90b223 73484 bind9_9.18.18-0ubuntu2.debian.tar.xz
 ce7b9336b2efb28bb5f99b588ebf389c02f7b26f596d6af72851ce99733ed0fd 8092 bind9_9.18.18-0ubuntu2_source.buildinfo
Files:
 66d504337e7a6029df87af2e379ba67b 3276 net optional bind9_9.18.18-0ubuntu2.dsc
 0729658c1fcc27e0aec329591bd4318e 73484 net optional bind9_9.18.18-0ubuntu2.debian.tar.xz
 2f598683adb1160bca9ae8c940cb4d0e 8092 net optional bind9_9.18.18-0ubuntu2_source.buildinfo
Original-Maintainer: Debian DNS Team <team+dns at tracker.debian.org>

More information about the mantic-changes mailing list