[ubuntu/zesty-proposed] bind9 1:9.10.3.dfsg.P4-10.1ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Jan 25 15:46:17 UTC 2017 

bind9 (1:9.10.3.dfsg.P4-10.1ubuntu3) zesty; urgency=medium

  * SECURITY UPDATE: assertion failure via class mismatch
    - debian/patches/CVE-2016-9131.patch: properly handle certain TKEY
      records in lib/dns/resolver.c.
    - CVE-2016-9131
  * SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
    - debian/patches/CVE-2016-9147.patch: fix logic when records are
      returned without the requested data in lib/dns/resolver.c.
    - CVE-2016-9147
  * SECURITY UPDATE: assertion failure via unusually-formed DS record
    - debian/patches/CVE-2016-9444.patch: handle missing RRSIGs in
      lib/dns/message.c, lib/dns/resolver.c.
    - CVE-2016-9444
  * SECURITY UPDATE: regression in CVE-2016-8864
    - debian/patches/rt43779.patch: properly handle CNAME -> DNAME in
      responses in lib/dns/resolver.c, added tests to
      bin/tests/system/dname/ns2/example.db,
      bin/tests/system/dname/tests.sh.
    - No CVE number

Date: Wed, 25 Jan 2017 09:28:10 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-10.1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 25 Jan 2017 09:28:10 -0500
Source: bind9
Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-140 libdns162 libirs141 libisc160 liblwres141 libisccc140 libisccfg140 dnsutils lwresd libbind-export-dev libdns-export162 libdns-export162-udeb libisc-export160 libisc-export160-udeb libisccfg-export140 libisccc-export140 libisccc-export140-udeb libisccfg-export140-udeb libirs-export141 libirs-export141-udeb
Architecture: source
Version: 1:9.10.3.dfsg.P4-10.1ubuntu3
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 host       - Transitional package
 libbind-dev - Static Libraries and Headers used by BIND
 libbind-export-dev - Development files for the exported BIND libraries
 libbind9-140 - BIND9 Shared Library used by BIND
 libdns-export162 - Exported DNS Shared Library
 libdns-export162-udeb - Exported DNS library for debian-installer (udeb)
 libdns162  - DNS Shared Library used by BIND
 libirs-export141 - Exported IRS Shared Library
 libirs-export141-udeb - Exported IRS library for debian-installer (udeb)
 libirs141  - DNS Shared Library used by BIND
 libisc-export160 - Exported ISC Shared Library
 libisc-export160-udeb - Exported ISC library for debian-installer (udeb)
 libisc160  - ISC Shared Library used by BIND
 libisccc-export140 - Command Channel Library used by BIND
 libisccc-export140-udeb - Command Channel Library used by BIND (udeb)
 libisccc140 - Command Channel Library used by BIND
 libisccfg-export140 - Exported ISC CFG Shared Library
 libisccfg-export140-udeb - Exported ISC CFG library for debian-installer (udeb)
 libisccfg140 - Config File Handling Library used by BIND
 liblwres141 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Changes:
 bind9 (1:9.10.3.dfsg.P4-10.1ubuntu3) zesty; urgency=medium
 .
   * SECURITY UPDATE: assertion failure via class mismatch
     - debian/patches/CVE-2016-9131.patch: properly handle certain TKEY
       records in lib/dns/resolver.c.
     - CVE-2016-9131
   * SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
     - debian/patches/CVE-2016-9147.patch: fix logic when records are
       returned without the requested data in lib/dns/resolver.c.
     - CVE-2016-9147
   * SECURITY UPDATE: assertion failure via unusually-formed DS record
     - debian/patches/CVE-2016-9444.patch: handle missing RRSIGs in
       lib/dns/message.c, lib/dns/resolver.c.
     - CVE-2016-9444
   * SECURITY UPDATE: regression in CVE-2016-8864
     - debian/patches/rt43779.patch: properly handle CNAME -> DNAME in
       responses in lib/dns/resolver.c, added tests to
       bin/tests/system/dname/ns2/example.db,
       bin/tests/system/dname/tests.sh.
     - No CVE number
Checksums-Sha1:
 bd3fe1555ceccaa584aa283861abd8210c3f9366 3840 bind9_9.10.3.dfsg.P4-10.1ubuntu3.dsc
 d449bb7e870062434034a089f3965690f83565fd 73520 bind9_9.10.3.dfsg.P4-10.1ubuntu3.debian.tar.xz
Checksums-Sha256:
 ed29b898d38f8df925693f429157e35ad07ee8618dcdef13e6b3d4c52dbbdbc2 3840 bind9_9.10.3.dfsg.P4-10.1ubuntu3.dsc
 e203a703b4b2d33709409c647e964abca1d74cf886729be8f13bf98f8165a133 73520 bind9_9.10.3.dfsg.P4-10.1ubuntu3.debian.tar.xz
Files:
 c61d1a9379a844b3c059acd13db21434 3840 net optional bind9_9.10.3.dfsg.P4-10.1ubuntu3.dsc
 59625f0bdd162f0c6d65819c2512020c 73520 net optional bind9_9.10.3.dfsg.P4-10.1ubuntu3.debian.tar.xz
Original-Maintainer: LaMont Jones <lamont at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJYiLvoAAoJEGVp2FWnRL6T8QEP/3PnFv4/FDBd2cNeONPyygC2
DwS3QVevzNIzbIxRRWE8tyz7/rVU7090hNLELUn2Yd0+USyz0dZBPyr1IjYk6H2w
qWq48b3hPUn6ly7pOYljAukEu0xAU6rN9M5lSzjY/AnqsyG0/bCj0xum4xgn1Z/0
chhhm5Ydy2jzE+I5Jh1k0hZaQKDea3AiW//FZOaTWbPTGajUQfaBobfeaYrgTsY8
34DVzN+0KWCvoqIUOwJmXUWSjqztBStIX9LGiMLEwcXgkWsfx9w0drqAKGrVd19Q
sZTozg+4qQhV903rjyitoecz/R7n4mGQ+H581ZoQDO3jg0yUx8F0miOKIr57n+F1
s7ZHYUcXohqpU4RvqeroTrWnlNhhL/o+lqr+M6cfVaiCl8M5wN6ybKs1nymTL3vb
pYMlqx5jChSpfewsJeXGouMb4KS7lR45ZLZCXpxCbw8tBnL2Y124woaJ4peU+P1p
94BDEeO1wma4s7026oO+M4nFl2CHAlt9pkKW9CZHwPOJloOydM/TDgN8WAIXvtsy
tZF1TATIOpe/Mkjg8EyZDViW9fdoSxUEMgBjcixLQoTmVY6Ef187CPd7T2VQRRyy
HDsx+mBrv2VJ4vUNmuFsEPP18ZKOpC75miToaKBzFHBGLO2Jo1uK1CMSeA4e0jnu
6y3pZeIRsspPbOxmhRou
=rfb2
-----END PGP SIGNATURE-----

More information about the Zesty-changes mailing list