[ubuntu/zesty-proposed] bind9 1:9.10.3.dfsg.P4-10.1ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Feb 16 19:38:15 UTC 2017


bind9 (1:9.10.3.dfsg.P4-10.1ubuntu4) zesty; urgency=medium

  * SECURITY UPDATE: Combining dns64 and rpz can result in dereferencing
    a NULL pointer
    - debian/patches/CVE-2017-3135.patch: properly handle dns64 and rpz
      combination in bin/named/query.c, lib/dns/message.c,
      lib/dns/rdataset.c.
    - CVE-2017-3135
  * SECURITY UPDATE: regression in CVE-2016-8864
    - debian/patches/rt44318.patch: synthesised CNAME before matching DNAME
      was still being cached when it should have been in lib/dns/resolver.c,
      added tests to bin/tests/system/dname/ans3/ans.pl,
      bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh.
    - No CVE number

Date: Wed, 15 Feb 2017 09:37:39 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-10.1ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 15 Feb 2017 09:37:39 -0500
Source: bind9
Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-140 libdns162 libirs141 libisc160 liblwres141 libisccc140 libisccfg140 dnsutils lwresd libbind-export-dev libdns-export162 libdns-export162-udeb libisc-export160 libisc-export160-udeb libisccfg-export140 libisccc-export140 libisccc-export140-udeb libisccfg-export140-udeb libirs-export141 libirs-export141-udeb
Architecture: source
Version: 1:9.10.3.dfsg.P4-10.1ubuntu4
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 host       - Transitional package
 libbind-dev - Static Libraries and Headers used by BIND
 libbind-export-dev - Development files for the exported BIND libraries
 libbind9-140 - BIND9 Shared Library used by BIND
 libdns-export162 - Exported DNS Shared Library
 libdns-export162-udeb - Exported DNS library for debian-installer (udeb)
 libdns162  - DNS Shared Library used by BIND
 libirs-export141 - Exported IRS Shared Library
 libirs-export141-udeb - Exported IRS library for debian-installer (udeb)
 libirs141  - DNS Shared Library used by BIND
 libisc-export160 - Exported ISC Shared Library
 libisc-export160-udeb - Exported ISC library for debian-installer (udeb)
 libisc160  - ISC Shared Library used by BIND
 libisccc-export140 - Command Channel Library used by BIND
 libisccc-export140-udeb - Command Channel Library used by BIND (udeb)
 libisccc140 - Command Channel Library used by BIND
 libisccfg-export140 - Exported ISC CFG Shared Library
 libisccfg-export140-udeb - Exported ISC CFG library for debian-installer (udeb)
 libisccfg140 - Config File Handling Library used by BIND
 liblwres141 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Changes:
 bind9 (1:9.10.3.dfsg.P4-10.1ubuntu4) zesty; urgency=medium
 .
   * SECURITY UPDATE: Combining dns64 and rpz can result in dereferencing
     a NULL pointer
     - debian/patches/CVE-2017-3135.patch: properly handle dns64 and rpz
       combination in bin/named/query.c, lib/dns/message.c,
       lib/dns/rdataset.c.
     - CVE-2017-3135
   * SECURITY UPDATE: regression in CVE-2016-8864
     - debian/patches/rt44318.patch: synthesised CNAME before matching DNAME
       was still being cached when it should have been in lib/dns/resolver.c,
       added tests to bin/tests/system/dname/ans3/ans.pl,
       bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh.
     - No CVE number
Checksums-Sha1:
 849a1b3a31d27b0c8652485783ffc397959b74ae 3840 bind9_9.10.3.dfsg.P4-10.1ubuntu4.dsc
 1bff38d25a9c9d564b408285d1153fb3a091e410 77716 bind9_9.10.3.dfsg.P4-10.1ubuntu4.debian.tar.xz
Checksums-Sha256:
 52150053ab5b98e5d95272cff41c626b51597786f704559f75c5daec4dab5097 3840 bind9_9.10.3.dfsg.P4-10.1ubuntu4.dsc
 b992618fa0d951b213909a57ff8a106a4a7d2344a2fce77a9bb89fd87091c1f8 77716 bind9_9.10.3.dfsg.P4-10.1ubuntu4.debian.tar.xz
Files:
 cdbe76926eb2cd00f257434c94b23dbf 3840 net optional bind9_9.10.3.dfsg.P4-10.1ubuntu4.dsc
 ebfdf4cc89d60fe3779ca6a787e2a581 77716 net optional bind9_9.10.3.dfsg.P4-10.1ubuntu4.debian.tar.xz
Original-Maintainer: LaMont Jones <lamont at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJYpHNoAAoJEGVp2FWnRL6TTUUQALKRgbTqAM4cbcSH7Rt1M5mR
aC89VRwO6VfOR7NJZsh8H+/55GENwQj0q08bzNkL0xbqXTO+nkru3UY8O/N6oD4M
M7N735luGkrrkqKD/0KCmnzuorR42sy5mUK9IXIf4maQHJHKEnpSmBHsVlMg5P+M
IZM//pM94MNnJlEQhWRxzK2WoBXJO9sAizO/L7+UPUoz3pjiyHOe/FD2eteL2xXc
r0uEMHYBlVVewB5Obt7HFQi2RTuGf+fbe/6I+d/QRn025K891wPE1nY0mrRKTPFb
HXGLj/RMVi6FW5recqwbZgECiNHMXgS1rb+AVBT+femgR35Qrj8fyzoUulCnWyKp
j5LqLvFtItozceZ9sOAf90oPdRNmfS0FZpvaDcJVLejvavk+4PosMvoxfOpnv5mf
vx8m2PgrqrtAyX6zLK0nqvq/89xneL7TH8XzrEi/I9ohQhljyvkDbW+aN5TFBkPf
6VYtvlxKAG6RRnXXH8Vi+L3KU7rQE+/CW8c+z5+LzI/CKkgINfTekeom6VDa2Dp5
SXw20ooWkceC7W8V41pHiVV5FMd/XAoVB1IoJ6fppWogq5RXfNUcmSLvDkzJUvXS
MX2HZTF6Ge9JGrJF4dTmIwLVvJMUiY00QbOIVeTaevgQ0ZDaHKWFQLYh1P6NFTtC
H/9zRdLCzkM0N4fVBfof
=Ac9O
-----END PGP SIGNATURE-----


More information about the Zesty-changes mailing list