[ubuntu/hirsute-proposed] bind9-libs 1:9.11.19+dfsg-2ubuntu1 (Accepted)
Gianfranco Costamagna
locutusofborg at debian.org
Fri Feb 19 09:21:14 UTC 2021
bind9-libs (1:9.11.19+dfsg-2ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/patches/0010-fix-1872118.patch: Check if pending_send
if set before calling dispatch_send. Fixes LP: #1872118.
bind9-libs (1:9.11.19+dfsg-2) unstable; urgency=high
* Although none of these CVEs affect the ISC DHCP, it's better to have
them all fixed just for the same the assumption proves false in the
future:
+ [CVE-2020-8625]: Fix off-by-one bug in ISC SPNEGO implementation.
+ [CVE-2020-8624]: "update-policy" rules of type "subdomain" were
incorrectly treated as "zonesub" rules, which allowed keys used in
"subdomain" rules to update names outside of the specified
subdomains. The problem was fixed by making sure "subdomain" rules
are again processed as described in the ARM.
+ [CVE-2020-8622]: It was possible to trigger an assertion failure
when verifying the response to a TSIG-signed request.
Date: Fri, 19 Feb 2021 10:20:37 +0100
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Debian DNS Team <team+dns at tracker.debian.org>
https://launchpad.net/ubuntu/+source/bind9-libs/1:9.11.19+dfsg-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 19 Feb 2021 10:20:37 +0100
Source: bind9-libs
Architecture: source
Version: 1:9.11.19+dfsg-2ubuntu1
Distribution: hirsute
Urgency: high
Maintainer: Debian DNS Team <team+dns at tracker.debian.org>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Launchpad-Bugs-Fixed: 1872118
Changes:
bind9-libs (1:9.11.19+dfsg-2ubuntu1) hirsute; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- debian/patches/0010-fix-1872118.patch: Check if pending_send
if set before calling dispatch_send. Fixes LP: #1872118.
.
bind9-libs (1:9.11.19+dfsg-2) unstable; urgency=high
.
* Although none of these CVEs affect the ISC DHCP, it's better to have
them all fixed just for the same the assumption proves false in the
future:
+ [CVE-2020-8625]: Fix off-by-one bug in ISC SPNEGO implementation.
+ [CVE-2020-8624]: "update-policy" rules of type "subdomain" were
incorrectly treated as "zonesub" rules, which allowed keys used in
"subdomain" rules to update names outside of the specified
subdomains. The problem was fixed by making sure "subdomain" rules
are again processed as described in the ARM.
+ [CVE-2020-8622]: It was possible to trigger an assertion failure
when verifying the response to a TSIG-signed request.
Checksums-Sha1:
08cabf7f3a663f7a556a5f0dd1003ecf07cf17bf 3414 bind9-libs_9.11.19+dfsg-2ubuntu1.dsc
8c4c91d0a369a318950bd431fc178a66d1bf98ff 75216 bind9-libs_9.11.19+dfsg-2ubuntu1.debian.tar.xz
89d8fff8232858fa5b50a821dd5a236d0c20559d 7714 bind9-libs_9.11.19+dfsg-2ubuntu1_source.buildinfo
Checksums-Sha256:
bccfea149efcf1e35b482bd314fe4894f76186bd79369f10a6c0ef23ea45b880 3414 bind9-libs_9.11.19+dfsg-2ubuntu1.dsc
9d3498a73d6c90d393322fc5e76434844915760d0a41023dfa0764e1e93ea409 75216 bind9-libs_9.11.19+dfsg-2ubuntu1.debian.tar.xz
0c5c2e360dec34b134d0df14507bb2b6c1e9265a475170a6fb020bc2bf91783a 7714 bind9-libs_9.11.19+dfsg-2ubuntu1_source.buildinfo
Files:
48c93b0a9f1d98a9ae3dd467bb6d398a 3414 net optional bind9-libs_9.11.19+dfsg-2ubuntu1.dsc
50641271134fee82725a5a43daf1b77b 75216 net optional bind9-libs_9.11.19+dfsg-2ubuntu1.debian.tar.xz
988a328e70307b34239ae5d85491aaef 7714 net optional bind9-libs_9.11.19+dfsg-2ubuntu1_source.buildinfo
More information about the Hirsute-changes
mailing list