[ubuntu/mantic-security] bind9 1:9.18.18-0ubuntu2.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Feb 13 15:23:11 UTC 2024
bind9 (1:9.18.18-0ubuntu2.1) mantic-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- debian/patches/0001-CVE-2023-4408.patch: Parsing large DNS messages
may cause excessive CPU load.
- debian/patches/0002-CVE-2023-5517.patch: Querying RFC 1918 reverse
zones may cause an assertion failure when nxdomain-redirect is
enabled.
- debian/patches/0003-CVE-2023-5679.patch: Enabling both DNS64 and
serve-stale may cause an assertion failure during recursive
resolution.
- debian/patches/0004-CVE-2023-50387-CVE-2023-50868.patch: Extreme CPU
consumption in DNSSEC validator and Preparing an NSEC3 closest
encloser proof can exhaust CPU resources.
- CVE-2023-4408
- CVE-2023-5517
- CVE-2023-5679
- CVE-2023-50387
- CVE-2023-50868
Date: 2024-02-13 12:56:13.757865+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.18-0ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list