[ubuntu/mantic-security] bind9 1:9.18.18-0ubuntu2.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Feb 13 15:23:11 UTC 2024


bind9 (1:9.18.18-0ubuntu2.1) mantic-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/0001-CVE-2023-4408.patch: Parsing large DNS messages
      may cause excessive CPU load.
    - debian/patches/0002-CVE-2023-5517.patch: Querying RFC 1918 reverse
      zones may cause an assertion failure when nxdomain-redirect is
      enabled.
    - debian/patches/0003-CVE-2023-5679.patch: Enabling both DNS64 and
      serve-stale may cause an assertion failure during recursive
      resolution.
    - debian/patches/0004-CVE-2023-50387-CVE-2023-50868.patch: Extreme CPU
      consumption in DNSSEC validator and Preparing an NSEC3 closest
      encloser proof can exhaust CPU resources.
    - CVE-2023-4408
    - CVE-2023-5517
    - CVE-2023-5679
    - CVE-2023-50387
    - CVE-2023-50868

Date: 2024-02-13 12:56:13.757865+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.18-0ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the mantic-changes mailing list