Package "bind9"

Name: bind9


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Transitional package for bind9-utils
  • Transitional package for bind9-dnsutils

Latest version: *DELETED*
Release: kinetic (22.10)
Level: proposed
Repository: universe


Other versions of "bind9" in Kinetic

Repository Area Version
base main 1:9.18.4-2ubuntu2
base universe 1:9.18.4-2ubuntu2
security universe 1:9.18.4-2ubuntu2.1
security main 1:9.18.4-2ubuntu2.1
updates main 1:9.18.12-0ubuntu0.22.10.1
updates universe 1:9.18.12-0ubuntu0.22.10.1

Packages in group

Deleted packages are displayed in grey.


Version: *DELETED* 2023-03-29 23:06:59 UTC
No changelog for deleted or moved packages.

Version: 1:9.18.12-0ubuntu0.22.10.1 2023-03-17 18:06:49 UTC

  bind9 (1:9.18.12-0ubuntu0.22.10.1) kinetic; urgency=medium

  * New upstream releases 9.18.5 - 9.18.12 (LP: #2003586)
    - Updates:
      + update-quota option
      + named -V shows supported cryptographic algorithms
    - Bug Fixes Include:
      + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
      + Fix incomplete results using dig with +nssearch (LP: #1970252)
      + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
        CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924
      + Fix thread safety in dns_dispatch
      + Fix ADB quota management in resolver
      + Fix Prohibited DNS error on allow-recursion
      + Fix crash when restarting server with active statschannel connection
      + Fix use after free for catalog zone processing
      + Fix leak of dns_keyfileio_t objects
      + Fix nslookup failure to use port option when record type ANY is used
      + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
      + Fix inheritance when setting remote server port
      + Fix assertion error when accessing statistics channel
      + Fix rndc dumpdb -expired for stuck cache
      + Fix check for other name servers after receiving FORMERR
      + See https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
        for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
    - d/t/zonetest: Add dep8 test for checking the domain zone creation process
    - d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * d/p/0001-Disable-treat-warnings-as-errors-in-sphinx-build.patch: refresh to
    apply with version 9.18.8
  * Remove CVE patches fixed upstream:
    - debian/patches/CVE-2022-2795.patch
    - debian/patches/CVE-2022-2881.patch
    - debian/patches/CVE-2022-2906.patch
    - debian/patches/CVE-2022-3080.patch
    - debian/patches/CVE-2022-38178.patch
      [Included in upstream release 9.18.7]
    - debian/patches/CVE-2022-3094.patch
    - debian/patches/CVE-2022-3736.patch
    - debian/patches/CVE-2022-3924.patch
      [Included in upstream release 9.18.11]

 -- Lena Voytek <email address hidden> Wed, 08 Mar 2023 08:49:53 -0700

2003586 MRE Updates 9.18.12 / 9.16.36
1258003 DiG crashes on +nssearch with +tcp in bind9 9.18
1970252 The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04
2003584 Add better DEP-8 tests
CVE-2022-2795 Processing large delegations may severely degrade resolver performance
CVE-2022-2881 Buffer overread in statistics channel code
CVE-2022-2906 Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs
CVE-2022-3080 BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
CVE-2022-38178 Memory leaks in EdDSA DNSSEC verification code
CVE-2022-3094 Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack
CVE-2022-3736 BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the
CVE-2022-3924 This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured wit

About   -   Send Feedback to @ubuntu_updates