[ubuntu/jammy-updates] bind9 1:9.18.39-0ubuntu0.22.04.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Mar 25 17:59:05 UTC 2026
bind9 (1:9.18.39-0ubuntu0.22.04.3) jammy-security; urgency=medium
* SECURITY UPDATE: Excessive NSEC3 iterations cause high CPU load during
insecure delegation validation
- debian/patches/CVE-2026-1519-1.patch: add reproducers to bin/tests/*.
- debian/patches/CVE-2026-1519-2.patch: check iterations in
isdelegation() in lib/dns/validator.c.
- debian/patches/CVE-2026-1519-3.patch: don't verify already trusted
rdatasets in lib/dns/include/dns/types.h, lib/dns/validator.c.
- debian/patches/CVE-2026-1519-4.patch: check RRset trust in
validate_neg_rrset() in lib/dns/validator.c.
- CVE-2026-1519
Date: 2026-03-24 17:53:46.860626+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.39-0ubuntu0.22.04.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list