bind9 1:9.16.1-0ubuntu2.3 source package in Ubuntu
Changelog
bind9 (1:9.16.1-0ubuntu2.3) focal-security; urgency=medium
* SECURITY UPDATE: A specially crafted large TCP payload can trigger an
assertion failure
- debian/patches/CVE-2020-8620.patch: add extra checks to
lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/netmgr.c,
lib/isc/netmgr/tcp.c, lib/isc/netmgr/udp.c.
- CVE-2020-8620
* SECURITY UPDATE: Attempting QNAME minimization after forwarding can
lead to an assertion failure
- debian/patches/CVE-2020-8621.patch: disable QNAME minimization in
lib/dns/resolver.c.
- CVE-2020-8621
* SECURITY UPDATE: A truncated TSIG response can lead to an assertion
failure
- debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c.
- CVE-2020-8622
* SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely
triggerable assertion failure
- debian/patches/CVE-2020-8623.patch: add extra checks in
lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h,
lib/isc/pk11.c.
- CVE-2020-8623
* SECURITY UPDATE: update-policy rules of type subdomain were enforced
incorrectly
- debian/patches/CVE-2020-8624.patch: add extra check in
bin/named/zoneconf.c.
- CVE-2020-8624
-- Marc Deslauriers <email address hidden> Tue, 18 Aug 2020 07:38:53 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| bind9_9.16.1.orig.tar.xz | 4.3 MiB | a913d7e78135b9123d233215b58102fa0f18130fb1e158465a1c2b6f3bd75e91 |
| bind9_9.16.1-0ubuntu2.3.debian.tar.xz | 74.7 KiB | 6ec8f197d3d72d33f080002f48db29b54ad6db9e9b370281be3ee35ba5662173 |
| bind9_9.16.1-0ubuntu2.3.dsc | 2.7 KiB | 773d93a51623b3ae2dbf74cc30c69bf3cde010642117c5778b76b235970a2d2f |
Available diffs
Binary packages built by this source
- bind9: Internet Domain Name Server
The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
name server. BIND 9 is the most widely-used name server software on the
Internet, and is supported by the Internet Software Consortium, www.isc.org.
.
This package provides the server and related configuration files.
- bind9-dbgsym: debug symbols for bind9
- bind9-dnsutils: Clients provided with BIND 9
The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
name server. BIND 9 is the most widely-used name server software on the
Internet, and is supported by the Internet Software Consortium, www.isc.org.
.
This package delivers various client programs related to DNS that are
derived from the BIND 9 source tree.
.
- dig - query the DNS in various ways
- nslookup - the older way to do it
- nsupdate - perform dynamic updates (See RFC2136)
- bind9-dnsutils-dbgsym: debug symbols for bind9-dnsutils
- bind9-doc: Documentation for BIND 9
This package provides various documents that are useful for maintaining a
working BIND 9 installation.
- bind9-host: DNS Lookup Utility
This package provides the 'host' DNS lookup utility in the form that
is bundled with the BIND 9 sources.
- bind9-host-dbgsym: debug symbols for bind9-host
- bind9-libs: Shared Libraries used by BIND 9
The Berkeley Internet Name Domain (BIND 9) implements an Internet domain
name server. BIND 9 is the most widely-used name server software on the
Internet, and is supported by the Internet Software Consortium, www.isc.org.
.
This package contains a bundle of shared libraries used by BIND 9.
- bind9-libs-dbgsym: debug symbols for bind9-libs
- bind9-utils: Utilities for BIND 9
This package provides various utilities that are useful for maintaining a
working BIND 9 installation.
- bind9-utils-dbgsym: debug symbols for bind9-utils
- bind9utils: Transitional package for bind9-utils
This is a transitional package. It can safely be removed.
- dnsutils: Transitional package for bind9-dnsutils
This is a transitional package. It can safely be removed.
