-
bind9 (1:9.9.2.dfsg.P1-2ubuntu2.2) raring-security; urgency=low
* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
queries
- debian/patches/CVE-2014-0591.patch: don't call memcpy with
overlapping ranges in bin/named/query.c.
- patch backported from 9.9.4-P2.
- CVE-2014-0591
-- Marc Deslauriers <email address hidden> Fri, 10 Jan 2014 09:42:41 -0500
-
bind9 (1:9.9.2.dfsg.P1-2ubuntu2.1) raring-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect bounds checking on
private type 'keydata'
- lib/dns/rdata/generic/keydata_65533.c: check for correct length.
- Patch backported from 9.9.3-P2
- CVE-2013-4854
-- Marc Deslauriers <email address hidden> Fri, 26 Jul 2013 22:51:51 -0400
-
bind9 (1:9.9.2.dfsg.P1-2ubuntu2) raring; urgency=low
* configure.in: detect libxml 2.9 as well as 2.[678] (LP: #1164475).
* debian/control: add Build-Depends on dh-autoreconf.
* debian/rules: use dh_autoreconf and dh_autoreconf_clean.
-- Robie Basak <email address hidden> Wed, 10 Apr 2013 16:50:28 +0000
-
bind9 (1:9.9.2.dfsg.P1-2ubuntu1) raring; urgency=low
* SECURITY UPDATE: denial of service via regex syntax checking
- configure,configure.in,config.h.in: remove check for regex.h to
disable regex syntax checking.
- CVE-2013-2266
-- Marc Deslauriers <email address hidden> Thu, 28 Mar 2013 15:04:57 -0400
-
bind9 (1:9.9.2.dfsg.P1-2) experimental; urgency=low
[Michael Gilbert]
* Use /var/lib/bind for state file. Closes: #689332
[LaMont Jones]
* zone transfers now involve link(), update the apparmor profile
* Update db.root with new IP for D.root-servers.net. Closes: #697352
* re-drop dlzexternal test
* Reduce log level for "sucessfully validated after lower casing" dnssec
based on mail from Mark Andrews. Closes: #697681
* remove /var/lib/bind/bind9-default.md5sum in postrm
* remove /etc/bind/named.conf.options on purge. Closes: #668801
[Sebastian Wiesinger]
* Build and deliver dnssec-checkds and dnssec-verify in bind9utils
-- LaMont Jones <email address hidden> Wed, 09 Jan 2013 10:09:40 -0700
-
bind9 (1:9.8.4.dfsg-1ubuntu2) raring; urgency=low
* SECURITY UPDATE: denial of service via DNS64 and crafted query
- bin/named/query.c: init rdataset before cleanup.
- Patch backported from 9.8.4-P1
- CVE-2012-5688
-- Marc Deslauriers <email address hidden> Wed, 05 Dec 2012 15:42:08 -0500
-
bind9 (1:9.8.4.dfsg-1ubuntu1) raring; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/bind9.apport: Add AppArmor info and logs to apport hook.
bind9 (1:9.8.4.dfsg-1) unstable; urgency=low
[Matthew Grant]
* Turn off dlopen as it was causing test compile failures.
* Add missing library .postrm files for debhelper
[LaMont Jones]
* New upstream version
* soname fixup
* Ack NMUs
bind9 (1:9.8.1.dfsg.P1-4.3) unstable; urgency=medium
[ Philipp Kern ]
* Non-maintainer upload.
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via specific combinations of RDATA
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166
-- Marc Deslauriers <email address hidden> Fri, 23 Nov 2012 08:13:50 -0500
-
bind9 (1:9.8.1.dfsg.P1-4.2ubuntu3) quantal; urgency=low
* SECURITY UPDATE: denial of service via specific combinations of RDATA
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166
-- Marc Deslauriers <email address hidden> Fri, 05 Oct 2012 09:41:37 -0400