Format: 1.8 Date: Tue, 18 Aug 2020 07:38:53 -0400 Source: bind9 Binary: bind9 bind9-dnsutils bind9-host bind9-libs bind9-utils Architecture: i386 i386_translations Version: 1:9.16.1-0ubuntu2.3 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: bind9 - Internet Domain Name Server bind9-dnsutils - Clients provided with BIND 9 bind9-host - DNS Lookup Utility bind9-libs - Shared Libraries used by BIND 9 bind9-utils - Utilities for BIND 9 Changes: bind9 (1:9.16.1-0ubuntu2.3) focal-security; urgency=medium . * SECURITY UPDATE: A specially crafted large TCP payload can trigger an assertion failure - debian/patches/CVE-2020-8620.patch: add extra checks to lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/netmgr.c, lib/isc/netmgr/tcp.c, lib/isc/netmgr/udp.c. - CVE-2020-8620 * SECURITY UPDATE: Attempting QNAME minimization after forwarding can lead to an assertion failure - debian/patches/CVE-2020-8621.patch: disable QNAME minimization in lib/dns/resolver.c. - CVE-2020-8621 * SECURITY UPDATE: A truncated TSIG response can lead to an assertion failure - debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c. - CVE-2020-8622 * SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure - debian/patches/CVE-2020-8623.patch: add extra checks in lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h, lib/isc/pk11.c. - CVE-2020-8623 * SECURITY UPDATE: update-policy rules of type subdomain were enforced incorrectly - debian/patches/CVE-2020-8624.patch: add extra check in bin/named/zoneconf.c. - CVE-2020-8624 Checksums-Sha1: a937e755096b4ff09fe16e5905379136ced858cf 477536 bind9-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 7be2213df94443364ed9c6ff4b24fe7f1fa0f041 272652 bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb c5d39c01c448e263a1130179f374410eafad850b 140944 bind9-dnsutils_9.16.1-0ubuntu2.3_i386.deb 84044b0a4bb31ded43b5eeb537cb43c3b54cbc66 75000 bind9-host-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 9fff7a8b11d86345721965d2925fa725536a07c5 46292 bind9-host_9.16.1-0ubuntu2.3_i386.deb 9263cea87abdf85cdca26373616ed59b28974c95 2956040 bind9-libs-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 6ab299dcaee6bfe0deabd24f3d74342c6e0fa225 1194624 bind9-libs_9.16.1-0ubuntu2.3_i386.deb cab656c7da00e299b0bc0cb3da25db0349cfa225 256680 bind9-utils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 3effee5b086e5ebd988cb66490561fa93d5a6978 178264 bind9-utils_9.16.1-0ubuntu2.3_i386.deb 3c9f524d53fd339f47dcaf8787ca71cc0bcb4fb2 10871 bind9_9.16.1-0ubuntu2.3_i386.buildinfo ebca02af4946ddb5dc2397a61b57cc5d1c4d1148 243296 bind9_9.16.1-0ubuntu2.3_i386.deb fb8565400bba091227e81d59b9edc36a14f9252a 12986 bind9_9.16.1-0ubuntu2.3_i386_translations.tar.gz Checksums-Sha256: 7a872c4b2d092e17ab0a0338b0db45cd426cf32d2f5bc6f66333280fd9aa93af 477536 bind9-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 60739fe3e3fcd24d17741649415bc979a6fb4a24110e2d2c33bb2b84654c836f 272652 bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 738c5d63aa349421aa35322fbb09d434503f98ecf1309579af45796503bf8736 140944 bind9-dnsutils_9.16.1-0ubuntu2.3_i386.deb 6ce1e146a7f5697db6ea312441814e7e872e9890589d10b040f65ead9d923fb1 75000 bind9-host-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 1d65b5042626289531373c6710aa4f73fa1d3283ebbfe17102238305c11809ae 46292 bind9-host_9.16.1-0ubuntu2.3_i386.deb 3ab31594f08a41c49037e3bf592302da8a052365a82c41674825a3ca0f04d1bd 2956040 bind9-libs-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 3f0e26b99245f9fb6f401db8ba0a6627d033344edf61699eacc1491e06517adc 1194624 bind9-libs_9.16.1-0ubuntu2.3_i386.deb 6255c9cc45b4101f067fb57f7c88fc7bc33d58a09b3dcf27c0286441c6de2d31 256680 bind9-utils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 8b2f1adc1842f981a96fb9f89b79499d389c979df5993cf19ab4ab368fd623e1 178264 bind9-utils_9.16.1-0ubuntu2.3_i386.deb aac2d3c6e6dacf2d66af179279f9cc6d0cfdce4ec6842a2929b35faf7ef2a55c 10871 bind9_9.16.1-0ubuntu2.3_i386.buildinfo fc89eace60feb92cc09816a115b3e38ef72ba398dcd938edc1fdfedcf321744f 243296 bind9_9.16.1-0ubuntu2.3_i386.deb 67f679de4f9836956613b4c0d52be4f02a6780a110edcae507714c0f684b7661 12986 bind9_9.16.1-0ubuntu2.3_i386_translations.tar.gz Files: 84a36923c1c8d798b8da8895a0d12bb2 477536 debug optional bind9-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 1724fa4a7f08352ea2ffae755343456d 272652 debug optional bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 45e64f626c58e3488cb035a2bc546b6f 140944 net standard bind9-dnsutils_9.16.1-0ubuntu2.3_i386.deb 3503c233f6b139b341d3c48ca68d45c7 75000 debug optional bind9-host-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb c5224acde09bae1aaafd919ac2084a8c 46292 net standard bind9-host_9.16.1-0ubuntu2.3_i386.deb 7cbd989dd9fbc860484ef3d5365a1ac8 2956040 debug optional bind9-libs-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb b46c7e96cb6fe2b8899cbd9f35cf544e 1194624 libs standard bind9-libs_9.16.1-0ubuntu2.3_i386.deb 28bf10f1c2b2f5a5ab615ea5b5ed1e25 256680 debug optional bind9-utils-dbgsym_9.16.1-0ubuntu2.3_i386.ddeb 72d7749e0289db53a021856d9fdd0325 178264 net optional bind9-utils_9.16.1-0ubuntu2.3_i386.deb c3a5ea7f127da9e9f28ab014b3cc8ece 10871 net optional bind9_9.16.1-0ubuntu2.3_i386.buildinfo cd900ba8767bf0b6293fa1656bdda763 243296 net optional bind9_9.16.1-0ubuntu2.3_i386.deb 91a4ec9595d6e168d3ab230a8e245e6d 12986 raw-translations - bind9_9.16.1-0ubuntu2.3_i386_translations.tar.gz Original-Maintainer: Debian DNS Team