Package "libisccc160"

Name: libisccc160


Command Channel Library used by BIND

Latest version: 1:9.11.3+dfsg-1ubuntu1.13
Release: bionic (18.04)
Level: security
Repository: main
Head package: bind9
Homepage: https://www.isc.org/downloads/bind/


Download "libisccc160"

Other versions of "libisccc160" in Bionic

Repository Area Version
updates main 1:9.11.3+dfsg-1ubuntu1.13


Version: 1:9.11.3+dfsg-1ubuntu1.5 2019-02-22 09:06:41 UTC

  bind9 (1:9.11.3+dfsg-1ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: memory leak via specially crafted packet
    - debian/patches/CVE-2018-5744.patch: silently drop additional keytag
      options in bin/named/client.c.
    - CVE-2018-5744
  * SECURITY UPDATE: assertion failure when a trust anchor rolls over to an
    unsupported key algorithm when using managed-keys
    - debian/patches/CVE-2018-5745.patch: properly handle situations when
      the key tag cannot be computed in lib/dns/include/dst/dst.h,
    - CVE-2018-5745
  * SECURITY UPDATE: Controls for zone transfers may not be properly
    applied to Dynamically Loadable Zones (DLZs) if the zones are writable
    - debian/patches/CVE-2019-6465.patch: handle zone transfers marked in
      the zone table as a DLZ zone bin/named/xfrout.c.
    - CVE-2019-6465

 -- Marc Deslauriers <email address hidden> Wed, 20 Feb 2019 09:10:34 +0100

Source diff to previous version
CVE-2018-5744 A specially crafted packet can cause named to leak memory
CVE-2018-5745 An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
CVE-2019-6465 Zone transfer controls for writable DLZ zones were not effective

Version: 1:9.11.3+dfsg-1ubuntu1.2 2018-09-20 09:06:57 UTC

  bind9 (1:9.11.3+dfsg-1ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service crash when deny-answer-aliases
    option is used
    - debian/patches/CVE-2018-5740-1.patch: explicit DNAME query could
      trigger a crash if deny-answer-aliases was set
    - debian/patches/CVE-2018-5740-2.patch: add tests
    - debian/patches/CVE-2018-5740-3.patch: caclulate nlabels and set
      *chainingp correctly, add test
    - CVE-2018-5740

 -- Steve Beattie <email address hidden> Thu, 09 Aug 2018 23:26:07 -0700

Source diff to previous version
CVE-2018-5740 A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named

Version: 1:9.11.3+dfsg-1ubuntu1.1 2018-06-13 13:07:37 UTC

  bind9 (1:9.11.3+dfsg-1ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: improperly permits recursive query service
    - debian/patches/CVE-2018-5738.patch: fix configure_view_acl() handling
      in bin/named/server.c.
    - CVE-2018-5738

 -- Marc Deslauriers <email address hidden> Mon, 11 Jun 2018 09:41:51 -0400

CVE-2018-5738 Some versions of BIND can improperly permit recursive query service to unauthorized clients

About   -   Send Feedback to @ubuntu_updates