[ubuntu/yakkety-security] bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.6 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Mon Apr 17 17:00:38 UTC 2017

bind9 (1:9.10.3.dfsg.P4-10.1ubuntu1.6) yakkety-security; urgency=medium

  * SECURITY UPDATE: Denial of Service due to an error handling
    synthesized records when using DNS64 with "break-dnssec yes;"
    - debian/patches/CVE-2017-3136.patch: reset noqname if query_dns64()
    - CVE-2017-3136
  * SECURITY UPDATE: Denial of Service due to resolver terminating when
    processing a response packet containing a CNAME or DNAME
    - debian/patches/CVE-2017-3137.patch: don't expect a specific
      ordering of answer components; add testcases.
    - CVE-2017-3137
  * SECURITY UPDATE: Denial of Service when receiving a null command on
    the control channel
    - debian/patches/CVE-2017-3138.patch: don't throw an assert if no
      command token is given; add testcase.
    - CVE-2017-3138

bind9 (1:9.10.3.dfsg.P4-10.1ubuntu1.4) yakkety; urgency=medium

  * Add RemainAfterExit to bind9-resolvconf unit configuration file
    (LP: #1536181).

Date: 2017-04-13 20:03:13.370159+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Yakkety-changes mailing list