[ubuntu/precise-security] bind9 1:9.8.1.dfsg.P1-4ubuntu0.22 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Mon Apr 17 17:00:23 UTC 2017
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.22) precise-security; urgency=medium
* SECURITY UPDATE: Denial of Service due to an error handling
synthesized records when using DNS64 with "break-dnssec yes;"
- bin/named/query.c: reset noqname if query_dns64() called.
- CVE-2017-3136
* SECURITY UPDATE: Denial of Service due to resolver terminating when
processing a response packet containing a CNAME or DNAME
- lib/dns/resolver.c: don't expect a specific
ordering of answer components
- lib/dns/name.c: remove part of assertion that triggers in
dns_name_split() (partial cherrypick of upstream
dc3912f3caac1104fef441fd18571b7a975708ea
- bin/tests/system/dname/ns2/example.db,
bin/tests/system/dname/tests.sh: add testcases.
- CVE-2017-3137
* SECURITY UPDATE: Denial of Service when receiving a null command on
the control channel
- lib/isc/lex.c, lib/isc/include/isc/lex.h: don't throw an assert if no
command token is given
- CVE-2017-3138
Date: 2017-04-13 10:17:13.336093+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.22
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list