Package "bind9-doc"

Name:	bind9-doc
Description:	Documentation for BIND
Latest version:	1:9.11.3+dfsg-1ubuntu1.18
Release:	bionic (18.04)
Level:	security
Repository:	main
Head package:	bind9
Homepage:	https://www.isc.org/downloads/bind/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "bind9-doc"

All arch deb package

APT INSTALL

Other versions of "bind9-doc" in Bionic

Repository	Area	Version
base	main	1:9.11.3+dfsg-1ubuntu1
updates	main	1:9.11.3+dfsg-1ubuntu1.18
proposed	main	1:9.11.3+dfsg-1ubuntu1.19

Changelog

Version: 1:9.11.3+dfsg-1ubuntu1.13 2020-08-21 14:06:19 UTC

Version: 1:9.11.3+dfsg-1ubuntu1.13	2020-08-21 14:06:19 UTC
bind9 (1:9.11.3+dfsg-1ubuntu1.13) bionic-security; urgency=medium * SECURITY UPDATE: A truncated TSIG response can lead to an assertion failure - debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c. - CVE-2020-8622 * SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure - debian/patches/CVE-2020-8623.patch: add extra checks in lib/dns/pkcs11dh_link.c, lib/dns/pkcs11dsa_link.c, lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h, lib/isc/pk11.c. - CVE-2020-8623 * SECURITY UPDATE: update-policy rules of type subdomain were enforced incorrectly - debian/patches/CVE-2020-8624.patch: add extra check in bin/named/zoneconf.c. - CVE-2020-8624 -- Marc Deslauriers <email address hidden> Tue, 18 Aug 2020 08:08:32 -0400
Source diff to previous version

bind9 (1:9.11.3+dfsg-1ubuntu1.13) bionic-security; urgency=medium * SECURITY UPDATE: A truncated TSIG response can lead to an assertion failure - debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c. - CVE-2020-8622 * SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure - debian/patches/CVE-2020-8623.patch: add extra checks in lib/dns/pkcs11dh_link.c, lib/dns/pkcs11dsa_link.c, lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h, lib/isc/pk11.c. - CVE-2020-8623 * SECURITY UPDATE: update-policy rules of type subdomain were enforced incorrectly - debian/patches/CVE-2020-8624.patch: add extra check in bin/named/zoneconf.c. - CVE-2020-8624 -- Marc Deslauriers <email address hidden> Tue, 18 Aug 2020 08:08:32 -0400

Source diff to previous version

Version: 1:9.11.3+dfsg-1ubuntu1.12 2020-05-19 13:06:33 UTC

Version: 1:9.11.3+dfsg-1ubuntu1.12	2020-05-19 13:06:33 UTC
bind9 (1:9.11.3+dfsg-1ubuntu1.12) bionic-security; urgency=medium * SECURITY UPDATE: BIND does not sufficiently limit the number of fetches performed when processing referrals - debian/patches/CVE-2020-8616.patch: further limit the number of queries that can be triggered from a request in lib/dns/adb.c, lib/dns/include/dns/adb.h, lib/dns/resolver.c. - CVE-2020-8616 * SECURITY UPDATE: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c - debian/patches/CVE-2020-8617.patch: don't allow replaying a TSIG BADTIME response in lib/dns/tsig.c. - CVE-2020-8617 -- Marc Deslauriers <email address hidden> Fri, 15 May 2020 08:17:59 -0400
Source diff to previous version

bind9 (1:9.11.3+dfsg-1ubuntu1.12) bionic-security; urgency=medium * SECURITY UPDATE: BIND does not sufficiently limit the number of fetches performed when processing referrals - debian/patches/CVE-2020-8616.patch: further limit the number of queries that can be triggered from a request in lib/dns/adb.c, lib/dns/include/dns/adb.h, lib/dns/resolver.c. - CVE-2020-8616 * SECURITY UPDATE: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c - debian/patches/CVE-2020-8617.patch: don't allow replaying a TSIG BADTIME response in lib/dns/tsig.c. - CVE-2020-8617 -- Marc Deslauriers <email address hidden> Fri, 15 May 2020 08:17:59 -0400

Source diff to previous version

Version: 1:9.11.3+dfsg-1ubuntu1.11 2019-11-21 13:06:24 UTC

bind9 (1:9.11.3+dfsg-1ubuntu1.11) bionic-security; urgency=medium * SECURITY UPDATE: TCP Pipelining doesn't limit TCP clients on a single connection - debian/patches/CVE-2019-6477.patch: limit number of clients in bin/named/client.c, bin/named/include/named/client.h. - CVE-2019-6477 -- Marc Deslauriers <email address hidden> Mon, 18 Nov 2019 10:01:47 -0500

Source diff to previous version

CVE-2019-6477

TCP-pipelined queries can bypass tcp-clients limit

Version: 1:9.11.3+dfsg-1ubuntu1.8 2019-06-20 13:07:59 UTC

bind9 (1:9.11.3+dfsg-1ubuntu1.8) bionic-security; urgency=medium * SECURITY UPDATE: DoS via malformed packets - debian/patches/CVE-2019-6471.patch: fix race condition in lib/dns/dispatch.c. - CVE-2019-6471 -- Marc Deslauriers <email address hidden> Tue, 18 Jun 2019 18:55:08 -0400

Source diff to previous version

CVE-2019-6471

A race condition when discarding malformed packets can cause BIND to exit with an assertion failure

Version: 1:9.11.3+dfsg-1ubuntu1.7 2019-04-25 15:07:09 UTC

bind9 (1:9.11.3+dfsg-1ubuntu1.7) bionic-security; urgency=medium * SECURITY UPDATE: limiting simultaneous TCP clients is ineffective - debian/patches/CVE-2018-5743.patch: add reference counting in bin/named/client.c, bin/named/include/named/client.h, bin/named/include/named/interfacemgr.h, bin/named/interfacemgr.c, lib/isc/include/isc/quota.h, lib/isc/quota.c, lib/isc/win32/libisc.def.in. - debian/patches/CVE-2018-5743-atomic-fix.patch: replace atomic operations with isc_refcount reference counting in bin/named/client.c, bin/named/include/named/interfacemgr.h, bin/named/interfacemgr.c. - debian/libisc169.symbols: added new symbols. - CVE-2018-5743 -- Marc Deslauriers <email address hidden> Wed, 24 Apr 2019 06:04:51 -0400

CVE-2018-5743

Limiting simultaneous TCP clients is ineffective

About - Send Feedback to @ubuntu_updates

Package "bind9-doc"

Links

Download "bind9-doc"

Other versions of "bind9-doc" in Bionic

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

PPA updates