-
bind9 (1:9.7.1.dfsg.P2-2ubuntu0.5) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via specially crafted packet
- debian/patches/CVE-2011-4313.patch: correctly handle cache lookups
that return RRSIG data associated with nonexistent records in
bin/named/query.c,lib/dns/rbtdb.c.
- CVE-2011-4313
-- Marc Deslauriers <email address hidden> Wed, 16 Nov 2011 14:27:21 -0500
-
bind9 (1:9.7.1.dfsg.P2-2ubuntu0.4) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via specially crafted packet
- debian/patches/CVE-2011-2464.patch: Use an rdataset attribute flag to
indicate negative-cache records rather than using rrtype 0 in
lib/dns/include/dns/rdataset.h, lib/dns/{masterdump,message,ncache,
nsec3,rbtdb,rdataset,resolver,validator}.c.
- CVE-2011-2464
-- Marc Deslauriers <email address hidden> Tue, 05 Jul 2011 09:07:19 -0400
-
bind9 (1:9.7.1.dfsg.P2-2ubuntu0.3) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via off-by-one
- debian/patches/CVE-2011-1910.patch: correctly validate length in
lib/dns/ncache.c.
- CVE-2011-1910
-- Marc Deslauriers <email address hidden> Fri, 27 May 2011 15:23:52 -0400
-
bind9 (1:9.7.1.dfsg.P2-2ubuntu0.2) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via IXFR or DDNS update
- debian/patches/CVE-2011-0414.patch: Use correct lock in
lib/dns/rbtdb.c.
- CVE-2011-0414
-- Marc Deslauriers <email address hidden> Wed, 23 Feb 2011 08:30:32 -0500
-
bind9 (1:9.7.1.dfsg.P2-2ubuntu0.1) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
same type
- debian/patches/CVE-2010-3613-3614.patch: properly mark existing RRSIG
records as stale in lib/dns/rbtdb.c. Added tests to
bin/tests/system/resolver/*.
- CVE-2010-3613
* SECURITY UPDATE: answers incorrectly marked as insecure during key
algorithm rollover
- debian/patches/CVE-2010-3613-3614.patch: improve logic in
lib/dns/validator.c. Added tests to bin/tests/system/dnssec/*.
- CVE-2010-3614
-- Marc Deslauriers <email address hidden> Tue, 30 Nov 2010 08:39:45 -0500
-
bind9 (1:9.7.1.dfsg.P2-2) unstable; urgency=low
* Correct conflicts for bind9-host
-- LaMont Jones <email address hidden> Wed, 04 Aug 2010 21:19:10 +0100
-
bind9 (1:9.7.1.dfsg.P2-2~build1) maverick; urgency=low
* direct maverick upload.
bind9 (1:9.7.1.dfsg.P2-2) unstable; urgency=low
* Correct conflicts for bind9-host
-- LaMont Jones <email address hidden> Fri, 16 Jul 2010 05:55:41 -0600
-
bind9 (1:9.7.1.dfsg.P2-1~build1) maverick; urgency=low
* ubuntu upload to speed things along
-- LaMont Jones <email address hidden> Thu, 15 Jul 2010 17:11:12 -0600
-
bind9 (1:9.7.1.dfsg-2) unstable; urgency=low
[Regid Ichira]
* explicitly add nsupdate to dynamic updates in README.Debian.
Closes: #577398
[LaMont Jones]
* Cleanup bind9-host description. Closes: #579421
* switch to 3.0 (quilt) source format, but not to quilt. Closes: #578210
[Stephen Gran]
* updated geoip patch for ipv6, based on work by John 'Warthog9' Hawley
<email address hidden>. Closes: #584603
bind9 (1:9.7.1.dfsg-1) unstable; urgency=low
[Internet Software Consortium, Inc]
* 9.7.1
[LaMont Jones]
* Add freebsd support. Closes: #578447
* soname changes
* freshen root cache. LP: #596363
-- LaMont Jones <email address hidden> Tue, 13 Jul 2010 18:52:30 +0100
-
bind9 (1:9.7.0.dfsg.P1-1) unstable; urgency=low
[Internet Software Consortium, Inc]
* 9.7.0-P1
- 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619]
-- LaMont Jones <email address hidden> Mon, 22 Mar 2010 18:18:27 +0000
