Package "bind9"

Moved to lunar:main:updates

Name: bind9


Internet Domain Name Server

Latest version: *DELETED*
Release: lunar (23.04)
Level: proposed
Repository: main
Homepage: https://www.isc.org/downloads/bind/


Download "bind9"

Other versions of "bind9" in Lunar

Repository Area Version
base main 1:9.18.12-1ubuntu1
base universe 1:9.18.12-1ubuntu1
security main 1:9.18.12-1ubuntu1.2
security universe 1:9.18.12-1ubuntu1.2
updates main 1:9.18.18-0ubuntu0.23.04.1
updates universe 1:9.18.18-0ubuntu0.23.04.1

Packages in group

Deleted packages are displayed in grey.


Version: *DELETED* 2023-10-27 06:08:44 UTC
Moved to lunar:main:updates
No changelog for deleted or moved packages.

Version: 1:9.18.18-0ubuntu0.23.04.1 2023-09-29 23:06:55 UTC

  bind9 (1:9.18.18-0ubuntu0.23.04.1) lunar; urgency=medium

  * New upstream release 9.18.18 (LP: #2028413)
    - Updates:
      + Mark a primary server as temporarily unreachable when a TCP connection
        response to an SOA query times out, matching behavior of a refused TCP
      + Mark dialup and heartbeat-interval options as deprecated.
      + Retry DNS queries without an EDNS COOKIE when the first response is
        FORMERR with the EDNS COOKIE that was sent originally.
      + Use NS records for the relaxed QNAME minimization mode to reduce the
        number of queries from named.
      + Mark TKEY mode 2 as deprecated.
      + Mark delegation-only and root-delegation-only as deprecated.
      + Run RPZ and catalog zone updates on specialized offload threads to
        reduce blocked query processing time.
    - Bug Fixes:
      + Fix assertion failure from processing already-queued queries while
        server is being reconfigured or cache is being flushed.
      + Fix failure to load zones containing resource records with a TTL value
        larger than 86400 seconds when dnssec-policy is set to insecure.
      + Fix the ability to read HMAC-MD5 key files (LP: #2015176).
      + Fix stability issues with the catalog zone implementation.
      + Fix bind9 getting stuck when listen-on statement for HTTP is removed
        from configuration.
      + Do not return delegation from cache after stale-answer-client-timeout.
      + Fix failure to auto-tune clients-per-query limit in some situations.
      + Fix proper timeouts when using max-transfer-time-in and
        max-transfer-idle-in statements.
      + Bring rndc read timeout back to 60 seconds from 30.
      + Treat libuv returning ISC_R_INVALIDPROTO as a network error.
      + Clean up empty-non-terminal NSEC3 records.
      + Fix log file rotation cleanup for absolute file path destinations.
      + Fix various catalog zone processing crashes.
      + Fix transfer hang when downloading large zones over TLS.
      + Fix named crash when adding a new zone into the configuration file for
        a name which was already configured as member zone for a catalog zone.
      + Delay DNSSEC key queries until all zones have finished loading.
    - See https://bind9.readthedocs.io/en/v9.18.18/notes.html for additional
  * d/p/CVE-2023-2828.patch, CVE-2023-2911.patch: Remove - fixed upstream in
  * d/p/CVE-2023-3341.patch: Refresh, matching upstream, to apply in 9.18.18.
  * d/t/control, d/t/dyndb-ldap: add DEP8 test (LP: #2032650)

 -- Lena Voytek <email address hidden> Wed, 20 Sep 2023 14:52:27 -0700

2028413 MRE updates of bind9 for focal, jammy and lunar
2015176 Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1
2032650 Add DEP8 tests for bind-dyndb-ldap integration
CVE-2023-2828 named's configured cache size limit can be significantly exceeded
CVE-2023-2911 Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0
CVE-2023-3341 A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly

About   -   Send Feedback to @ubuntu_updates