Superseded
by bind9 - 1:9.18.27-1+ubuntu24.04.1+deb.sury.org+1
Published
Changelog
bind9 (1:9.18.26-1+ubuntu24.04.1+deb.sury.org+1) noble; urgency=medium
* No-change backport to noble.
bind9 (1:9.18.26-1) unstable; urgency=medium
* New upstream version 9.18.26
bind9 (1:9.18.25-1) unstable; urgency=medium
* New upstream version 9.18.25
- A regression caused by CVE-2023-6516 fix could lead into
an out-of-memory condition when the server is under heavy
load.
bind9 (1:9.18.24-1) unstable; urgency=medium
* New upstream version 9.18.24
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
load
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
failure when "nxdomain-redirect" is enabled
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
assertion failure during recursive resolution
- CVE-2023-6516: Specific recursive query patterns may lead to an
out-of-memory condition
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
CPU resources
-- Ondřej Surý <email address hidden> Wed, 17 Apr 2024 23:45:39 +0200