UbuntuUpdates.org

Package "bind9"

Name: bind9

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Transitional package
  • Lightweight Resolver Daemon

Latest version: 1:9.8.1.dfsg.P1-4ubuntu0.22
Release: precise (12.04)
Level: updates
Repository: universe

Links

Save this URL for the latest version of "bind9": https://www.ubuntuupdates.org/bind9



Other versions of "bind9" in Precise

Repository Area Version
base universe 1:9.8.1.dfsg.P1-4
base main 1:9.8.1.dfsg.P1-4
security universe 1:9.8.1.dfsg.P1-4ubuntu0.22
security main 1:9.8.1.dfsg.P1-4ubuntu0.22
updates main 1:9.8.1.dfsg.P1-4ubuntu0.22

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:9.8.1.dfsg.P1-4ubuntu0.17 2016-09-27 15:06:38 UTC

  bind9 (1:9.8.1.dfsg.P1-4ubuntu0.17) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via assertion failure
    - lib/dns/message.c: properly handle lengths.
    - backported from patch provided by upstream.
    - CVE-2016-2776

 -- Marc Deslauriers <email address hidden> Mon, 26 Sep 2016 14:42:15 -0400

Source diff to previous version
CVE-2016-2776 RESERVED

Version: 1:9.8.1.dfsg.P1-4ubuntu0.16 2016-03-10 10:06:27 UTC

  bind9 (1:9.8.1.dfsg.P1-4ubuntu0.16) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via rndc control channel input
    parsing error
    - properly check data in bin/named/control.c, bin/named/controlconf.c,
      bin/rndc/rndc.c, lib/isccc/cc.c.
    - CVE-2016-1285
  * SECURITY UPDATE: denial of service via resource record signatures
    parsing issue
    - fix improper DNAME handling in lib/dns/resolver.c.
    - CVE-2016-1286

 -- Marc Deslauriers <email address hidden> Tue, 08 Mar 2016 08:35:01 -0500

Source diff to previous version

Version: 1:9.8.1.dfsg.P1-4ubuntu0.15 2016-01-19 23:06:46 UTC

  bind9 (1:9.8.1.dfsg.P1-4ubuntu0.15) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via string formatting operations
    - lib/dns/rdata/in_1/apl_42.c: use correct length.
    - CVE-2015-8704

 -- Marc Deslauriers Mon, 18 Jan 2016 07:56:11 -0500

Source diff to previous version
CVE-2015-8704 Specific APL data could trigger an INSIST in apl_42.c

Version: 1:9.8.1.dfsg.P1-4ubuntu0.14 2015-12-15 23:06:38 UTC

  bind9 (1:9.8.1.dfsg.P1-4ubuntu0.14) precise-security; urgency=medium

  * SECURITY UPDATE: REQUIRE failure via incorrect class
    - properly handle class in lib/dns/include/dns/message.h,
      lib/dns/message.c, lib/dns/resolver.c, lib/dns/xfrin.c.
    - CVE-2015-8000

 -- Marc Deslauriers Mon, 14 Dec 2015 13:48:33 -0500

Source diff to previous version
CVE-2015-8000 Responses with a malformed class attribute can trigger an assertion failure in db.c

Version: 1:9.8.1.dfsg.P1-4ubuntu0.13 2015-09-02 22:07:02 UTC

  bind9 (1:9.8.1.dfsg.P1-4ubuntu0.13) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service in DNSSEC-signed record validation
    via malformed keys
    - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
      lib/dns/ncache.c, lib/dns/openssldh_link.c,
      lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
      lib/dns/resolver.c.
    - CVE-2015-5722

 -- Marc Deslauriers Tue, 01 Sep 2015 14:07:19 -0400

CVE-2015-5722 RESERVED



About   -   Send Feedback to @ubuntu_updates