Format: 1.8 Date: Tue, 18 Aug 2020 07:38:53 -0400 Source: bind9 Binary: bind9 bind9-dnsutils bind9-host bind9-libs bind9-utils Architecture: riscv64 riscv64_translations Version: 1:9.16.1-0ubuntu2.3 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: bind9 - Internet Domain Name Server bind9-dnsutils - Clients provided with BIND 9 bind9-host - DNS Lookup Utility bind9-libs - Shared Libraries used by BIND 9 bind9-utils - Utilities for BIND 9 Changes: bind9 (1:9.16.1-0ubuntu2.3) focal-security; urgency=medium . * SECURITY UPDATE: A specially crafted large TCP payload can trigger an assertion failure - debian/patches/CVE-2020-8620.patch: add extra checks to lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/netmgr.c, lib/isc/netmgr/tcp.c, lib/isc/netmgr/udp.c. - CVE-2020-8620 * SECURITY UPDATE: Attempting QNAME minimization after forwarding can lead to an assertion failure - debian/patches/CVE-2020-8621.patch: disable QNAME minimization in lib/dns/resolver.c. - CVE-2020-8621 * SECURITY UPDATE: A truncated TSIG response can lead to an assertion failure - debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c. - CVE-2020-8622 * SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure - debian/patches/CVE-2020-8623.patch: add extra checks in lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h, lib/isc/pk11.c. - CVE-2020-8623 * SECURITY UPDATE: update-policy rules of type subdomain were enforced incorrectly - debian/patches/CVE-2020-8624.patch: add extra check in bin/named/zoneconf.c. - CVE-2020-8624 Checksums-Sha1: a36eb3d09c6a00c7b8a59ccc90e597b6a55a3aef 524124 bind9-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 14dab44d3064421e848a68db126e7b272eeea8ad 297208 bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb b9fcf713769cce4ec04518379de87ee88461d155 131032 bind9-dnsutils_9.16.1-0ubuntu2.3_riscv64.deb dd8a64bc6de84ef55e5d2f9b51f8e3b0395c9523 84752 bind9-host-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb fc467c56dd41edb88d0758184658622b877f5bd1 41664 bind9-host_9.16.1-0ubuntu2.3_riscv64.deb 460e696616c611aa841f23ef330f7820ba345966 3351188 bind9-libs-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 1dc437db6d8673142eb22fefe2894cf59eb305c1 1034352 bind9-libs_9.16.1-0ubuntu2.3_riscv64.deb 1296ee0a98c405e9736d139396b2ceddfcd58293 297956 bind9-utils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 822fdf4f40765dd308bf796101a614beb3d3916f 168264 bind9-utils_9.16.1-0ubuntu2.3_riscv64.deb 21192bbe15a4bd3b6a5603cc80ed5bba7224cd70 10795 bind9_9.16.1-0ubuntu2.3_riscv64.buildinfo 63f648e44373f7a5ce8a4705c9bef102469ddcc3 218720 bind9_9.16.1-0ubuntu2.3_riscv64.deb 395ff562ec82b9a1e0386e707e9a28f9e5381a77 13148 bind9_9.16.1-0ubuntu2.3_riscv64_translations.tar.gz Checksums-Sha256: dbfa2112fabc52e783a29f7f69794894b005631072dd14e7c8368b6a19d52a0b 524124 bind9-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 2dee618c7ade91f3e8851c107cbea9834c03cfcc032781b2258474ed4dbc0a3b 297208 bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb b9ad1f62e44f5d5b5ab897e6a1483635ba388c46a8fa400416709c759f94b932 131032 bind9-dnsutils_9.16.1-0ubuntu2.3_riscv64.deb 88227619cf01405edcec5b707372ad0304bd97c4f223ab3b322cdd1b4a5f697b 84752 bind9-host-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb c33f89c8e326a7b5fea10b610bfb054f05d41b45f9dba6ff449eea8e42f42044 41664 bind9-host_9.16.1-0ubuntu2.3_riscv64.deb f6576ac7b27c612a9a886d209fd0f925b80e1b3b3c281089e9ebceb4f528cfe5 3351188 bind9-libs-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 5a7d8b7a03ef4ae97ec2913875b74da7d58e795b114de7f3954907604b2e204b 1034352 bind9-libs_9.16.1-0ubuntu2.3_riscv64.deb ea456004caecc05add6e02d6d04314ad3cd5a158f72d0c85addbf6df5a1e8118 297956 bind9-utils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 448efaf52d41af3e1867c3d92dbfc525855afbf5c5fa3cd41d2d7cfb7be23686 168264 bind9-utils_9.16.1-0ubuntu2.3_riscv64.deb e8f8f1a2369ce31b76de3963a28260b4c55d062e09d21ae0a47d2a03d5b7f0a5 10795 bind9_9.16.1-0ubuntu2.3_riscv64.buildinfo e0aaeb64861dfb31b93ffe9b7ad272127e51102b02ce41e3caa9b46b41bd42c1 218720 bind9_9.16.1-0ubuntu2.3_riscv64.deb d68110325e7f328bd9af3842856556180f18ee7e5c9051430c9aaa22b1e21cd3 13148 bind9_9.16.1-0ubuntu2.3_riscv64_translations.tar.gz Files: f34a00983b146f77b643614d202eb77e 524124 debug optional bind9-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb bee21ce00d7a05c7eb5fe9eebe7163ce 297208 debug optional bind9-dnsutils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 2df9d5c90f36841a6d522e681be0fc54 131032 net standard bind9-dnsutils_9.16.1-0ubuntu2.3_riscv64.deb 3140577038c6546a311a0e3a77ac84a1 84752 debug optional bind9-host-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 8d85217de6b9b6070e2a943fd3a9329d 41664 net standard bind9-host_9.16.1-0ubuntu2.3_riscv64.deb 0f0442ae1db7bcdfc51f5f7c42ac12f7 3351188 debug optional bind9-libs-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb 5e8e35cbe9f7d8a70e46ee5205a14985 1034352 libs standard bind9-libs_9.16.1-0ubuntu2.3_riscv64.deb a5e87354e95b32561d8dd0be9c352d0c 297956 debug optional bind9-utils-dbgsym_9.16.1-0ubuntu2.3_riscv64.ddeb cc415e71b34edf5cc6dcdd2393239380 168264 net optional bind9-utils_9.16.1-0ubuntu2.3_riscv64.deb a64b1000e95d3e1506970d4c34f957cc 10795 net optional bind9_9.16.1-0ubuntu2.3_riscv64.buildinfo d96a73dd01a5bac0444da02eb279ab0d 218720 net optional bind9_9.16.1-0ubuntu2.3_riscv64.deb ef85ac9f94bf829ccdef4ddc5efa838f 13148 raw-translations - bind9_9.16.1-0ubuntu2.3_riscv64_translations.tar.gz Original-Maintainer: Debian DNS Team