bind9 (1:9.18.4-2ubuntu2) kinetic; urgency=medium
* SECURITY UPDATE: Processing large delegations may severely degrade
resolver performance
- debian/patches/CVE-2022-2795.patch: add limit to lib/dns/resolver.c.
- CVE-2022-2795
* SECURITY UPDATE: Buffer overread in statistics channel code
- debian/patches/CVE-2022-2881.patch: clear buffer in lib/isc/httpd.c.
- CVE-2022-2881
* SECURITY UPDATE: Memory leaks in code handling Diffie-Hellman key
exchange via TKEY RRs
- debian/patches/CVE-2022-2906.patch: adjust return code handling in
lib/dns/openssldh_link.c.
- CVE-2022-2906
* SECURITY UPDATE: resolvers configured to answer from cache with zero
stale-answer-timeout may terminate unexpectedly
- debian/patches/CVE-2022-3080.patch: refactor stale RRset handling in
lib/ns/include/ns/query.h, lib/ns/query.c.
- CVE-2022-3080
* SECURITY UPDATE: memory leaks in EdDSA DNSSEC verification code
- debian/patches/CVE-2022-38178.patch: fix return handling in
lib/dns/openssleddsa_link.c.
- CVE-2022-38178
Date: Wed, 21 Sep 2022 09:18:42 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.18.4-2ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 21 Sep 2022 09:18:42 -0400
Source: bind9
Built-For-Profiles: noudeb
Architecture: source
Version: 1:9.18.4-2ubuntu2
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
bind9 (1:9.18.4-2ubuntu2) kinetic; urgency=medium
.
* SECURITY UPDATE: Processing large delegations may severely degrade
resolver performance
- debian/patches/CVE-2022-2795.patch: add limit to lib/dns/resolver.c.
- CVE-2022-2795
* SECURITY UPDATE: Buffer overread in statistics channel code
- debian/patches/CVE-2022-2881.patch: clear buffer in lib/isc/httpd.c.
- CVE-2022-2881
* SECURITY UPDATE: Memory leaks in code handling Diffie-Hellman key
exchange via TKEY RRs
- debian/patches/CVE-2022-2906.patch: adjust return code handling in
lib/dns/openssldh_link.c.
- CVE-2022-2906
* SECURITY UPDATE: resolvers configured to answer from cache with zero
stale-answer-timeout may terminate unexpectedly
- debian/patches/CVE-2022-3080.patch: refactor stale RRset handling in
lib/ns/include/ns/query.h, lib/ns/query.c.
- CVE-2022-3080
* SECURITY UPDATE: memory leaks in EdDSA DNSSEC verification code
- debian/patches/CVE-2022-38178.patch: fix return handling in
lib/dns/openssleddsa_link.c.
- CVE-2022-38178
Checksums-Sha1:
35e139b227acddcef711016900bbe112ff940434 3185 bind9_9.18.4-2ubuntu2.dsc
f01cc581c5b1c42a72b69416799e2e4140d25a05 90316 bind9_9.18.4-2ubuntu2.debian.tar.xz
8ccb6345bfaf4e3d9a68e53e30d22991b286292a 8606 bind9_9.18.4-2ubuntu2_source.buildinfo
Checksums-Sha256:
57d012d82c6c4fe0f1f6e74bf4c47023750296d35275237019a548879bfd87df 3185 bind9_9.18.4-2ubuntu2.dsc
9ce9aa5ed0d91ecd6c1add544947288ebb3b4d642a8650d0afe29d52b1d82abb 90316 bind9_9.18.4-2ubuntu2.debian.tar.xz
34c3dcd33dd28becd7d20d7f69f6a67bf8fa96a9ecfc8e0b6afde73a82d59d69 8606 bind9_9.18.4-2ubuntu2_source.buildinfo
Files:
411391e3c01d27acc2f631ddceefe7c0 3185 net optional bind9_9.18.4-2ubuntu2.dsc
9e55fc8b8beb236a67d3f711e82e5485 90316 net optional bind9_9.18.4-2ubuntu2.debian.tar.xz
ae68d4607e143f72d204d922b0bf00c8 8606 net optional bind9_9.18.4-2ubuntu2_source.buildinfo
Original-Maintainer: Debian DNS Team <team+dns at tracker.debian.org>