[ubuntu/oracular-security] bind9 1:9.20.0-2ubuntu3.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jan 29 17:28:49 UTC 2025
bind9 (1:9.20.0-2ubuntu3.1) oracular-security; urgency=medium
* SECURITY UPDATE: Many records in the additional section cause CPU
exhaustion
- debian/patches/CVE-2024-11187.patch: limit the additional processing
for large RDATA sets in bin/tests/*, lib/dns/include/dns/rdataset.h,
lib/dns/qpzone.c, lib/dns/rbt-zonedb.c, lib/dns/rdataset.c,
lib/dns/resolver.c, lib/ns/query.c.
- CVE-2024-11187
* SECURITY UPDATE: DNS-over-HTTPS implementation suffers from multiple
issues under heavy query load
- debian/patches/CVE-2024-12705.patch: fix flooding issues in
lib/isc/netmgr/http.c, lib/isc/netmgr/netmgr-int.h,
lib/isc/netmgr/proxystream.c, lib/isc/netmgr/streamdns.c,
lib/isc/netmgr/tcp.c, lib/isc/netmgr/tlsstream.c,
- CVE-2024-12705
Date: 2025-01-28 14:53:11.214648+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.20.0-2ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list