* Merge with Debian unstable (LP: #1971250)
Remaining changes:
- Don't build dnstap as it depends on universe packages:
+ d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and protobuf-c-compiler (universe packages)
+ d/dnsutils.install: don't install dnstap
+ d/libdns1104.symbols: don't include dnstap symbols
+ d/rules: don't build dnstap nor install dnstap.proto
- Add back apport:
+ d/bind9.apport: add back old bind9 apport hook, but without calling attach_conffiles() since that is already done by apport itself, with confirmation from the user.
+ d/control, d/rules: build-depends on dh-apport and use it
- d/NEWS: mention some of the bigger changes in 9.16.0 packaging
- d/bind9.named.service: use systemd Type=forking to signal daemon init.
This fixes a regression of #900788 where services whose startup depend
on name resolutions may fail due to bind9 not being ready (LP #1899902).
- d/control: remove optional libjemalloc-dev Build-Depends as it is not in
main.
- d/NEWS: mention some of the relevant changes in 9.18.0 packaging
or functionality that may affect usability.
* Dropped changes:
- d/p/lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe.patch,
d/p/lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo.patch,
d/p/lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-.patch,
d/p/lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh.patch,
d/p/lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv.patch,
d/p/lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC.patch,
d/p/lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the.patch:
Fix dig error when trying the next server after a TCP connection
failure. This upstream patchset also fixes a crash when using
the "host" command for numeric lookups (LP #1964400) and an
infinite hang when passing a non-existent hostname to "host" (LP
#1964686).
[ Incorporated by upstream. ]
- SECURITY UPDATE: Destroying a TLS session early causes assertion
failure
+ debian/patches/CVE-2022-1183.patch: fix destroying logic in lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/tlsstream.c.
[ Incorporated by upstream. ]
This bug was fixed in the package bind9 - 1:9.18.4-2ubuntu1
---------------
bind9 (1:9.18.4-2ubuntu1) kinetic; urgency=medium
* Merge with Debian unstable (LP: #1971250)
protobuf- c-compiler (universe packages) symbols: don't include dnstap symbols
attach_ conffiles( ) since that is already done by apport itself, with
confirmation from the user. named.service: use systemd Type=forking to signal daemon init. lp1964686- Add-digdelv- system- test-to- check-that- dig-tries- othe.patch, p/lp1964400- lp1964686- Add-digdelv- system- test-to- check-timed- out-result- fo.patch, p/lp1964400- lp1964686- Add-various- dig-host- tests-for- TCP-UDP- socket- error-. patch, p/lp1964400- lp1964686- After-dig- request- errors- try-to- use-other- servers- wh.patch, p/lp1964400- lp1964686- Fix-an- issue-in- dig-when- retrying- with-the- next-serv. patch, p/lp1964400- lp1964686- Fix-dig- error-when- trying- the-next- server- after-a- TC.patch, p/lp1964400- lp1964686- When-resending- a-UDP-request- insert- the-query- to-the. patch: patches/ CVE-2022- 1183.patch: fix destroying logic in
lib/isc/ netmgr/ netmgr- int.h, lib/isc/ netmgr/ tlsstream. c.
Remaining changes:
- Don't build dnstap as it depends on universe packages:
+ d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and
+ d/dnsutils.install: don't install dnstap
+ d/libdns1104.
+ d/rules: don't build dnstap nor install dnstap.proto
- Add back apport:
+ d/bind9.apport: add back old bind9 apport hook, but without calling
+ d/control, d/rules: build-depends on dh-apport and use it
- d/NEWS: mention some of the bigger changes in 9.16.0 packaging
- d/bind9.
This fixes a regression of #900788 where services whose startup depend
on name resolutions may fail due to bind9 not being ready (LP #1899902).
- d/control: remove optional libjemalloc-dev Build-Depends as it is not in
main.
- d/NEWS: mention some of the relevant changes in 9.18.0 packaging
or functionality that may affect usability.
* Dropped changes:
- d/p/lp1964400-
d/
d/
d/
d/
d/
d/
Fix dig error when trying the next server after a TCP connection
failure. This upstream patchset also fixes a crash when using
the "host" command for numeric lookups (LP #1964400) and an
infinite hang when passing a non-existent hostname to "host" (LP
#1964686).
[ Incorporated by upstream. ]
- SECURITY UPDATE: Destroying a TLS session early causes assertion
failure
+ debian/
[ Incorporated by upstream. ]
-- Sergio Durigan Junior <email address hidden> Wed, 20 Jul 2022 05:28:13 -0400