Ubuntu
bind9 package

~geoffrey-goldstraw/ubuntu/+source/bind9:ubuntu/jammy

  1. Git
  2. lp:~geoffrey-goldstraw/ubuntu/+source/bind9
  3. ubuntu/jammy
Last commit made on 2022-03-23
Get this branch:
git clone -b ubuntu/jammy https://git.launchpad.net/~geoffrey-goldstraw/ubuntu/+source/bind9
Only Geoffrey Goldstraw can upload to this branch. If you are Geoffrey Goldstraw please log in for upload directions.

Branch merges

Branch information

Name:
ubuntu/jammy
Repository:
lp:~geoffrey-goldstraw/ubuntu/+source/bind9

Recent commits

b9d932e... by Sergio Durigan Junior

update-maintainer

dde5051... by Sergio Durigan Junior

reconstruct-changelog

1830e57... by Sergio Durigan Junior

merge-changelogs

23d9b24... by Sergio Durigan Junior

  * Added changes:
    - d/p/lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe.patch,
      d/p/lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo.patch,
      d/p/lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-.patch,
      d/p/lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh.patch,
      d/p/lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv.patch,
      d/p/lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC.patch,
      d/p/lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the.patch:
      Fix dig error when trying the next server after a TCP connection
      failure. This upstream patchset also fixes a crash when using
      the "host" command for numeric lookups (LP: #1964400) and an
      infinite hang when passing a non-existent hostname to "host" (LP:
      #1964686).

9679321... by Sergio Durigan Junior

    - SECURITY UPDATE: cache poisoning via bogus NS records
      + debian/patches/CVE-2021-25220.patch: tighten rules for acceptance of
        records into the cache in lib/dns/resolver.c.
      + CVE-2021-25220
      [ Incorporated in 9.18.1. ]
    - SECURITY UPDATE: DoS via specially crafted TCP stream
      + debian/patches/CVE-2022-0396.patch: ensure correct ordering in
        lib/isc/netmgr/netmgr.c.
      + CVE-2022-0396
      [ Incorporated in 9.18.1. ]
    - SECURITY UPDATE: DNAME insist with synth-from-dnssec enabled
      + debian/patches/CVE-2022-0635.patch: fix logic in lib/dns/rbtdb.c.
      + CVE-2022-0635
      [ Incorporated in 9.18.1. ]
    - SECURITY UPDATE: Assertion failure on delayed DS lookup
      + debian/patches/CVE-2022-0667.patch: fix logic in lib/dns/resolver.c.
      + CVE-2022-0667
      [ Incorporated in 9.18.1. ]

6baaa61... by Sergio Durigan Junior

  * Dropped changes:
    - d/p/0003-Remove-spurious-debugging-true.patch: remove development leftover
      debugging flag from nslookup code (LP: #1961556).
      [ Incorporated in 9.18.1. ]

a5308e2... by Athos Ribeiro

    - d/NEWS: mention some of the relevant changes in 9.18.0 packaging
      or functionality that may affect usability.

6a70b4f... by Athos Ribeiro

    - d/control: remove optional libjemalloc-dev Build-Depends as it is not in
      main.

29306e3... by Athos Ribeiro

    - d/bind9.named.service: use systemd Type=forking to signal daemon init.
      This fixes a regression of #900788 where services whose startup depend
      on name resolutions may fail due to bind9 not being ready (LP #1899902).

8bf84e8... by Andreas Hasenack

    - d/NEWS: mention some of the bigger changes in 9.16.0 packaging