be71e7b...
by
Marc Deslauriers
on 2010-11-26
Import patches-applied version 1:9.6.1. dfsg.P1- 3ubuntu0. 4 to applied/ ubuntu/ karmic- security
Imported using usd-importer.
Publish parent: 558fb6e51db0d5e 3054099e4f441e3 b37619425b
Unapplied parent: 0f028fb97eed7a0 f70f86e832ac2bf ece85d9491
New changelog entries:
* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
same type
- lib/dns/rbtdb.c: properly mark existing RRSIG records as stale.
- bin/tests/ system/ resolver/ *: added tests.
- CVE-2010-3613
* SECURITY UPDATE: answers incorrectly marked as insecure during key
algorithm rollover
- lib/dns/ include/ dns/types. h, lib/dns/ validator. c: improve logic.
- bin/tests/ system/ dnssec/ *: added tests.
- CVE-2010-3614
0f028fb...
by
Marc Deslauriers
on 2010-11-26
Import patches-unapplied version 1:9.6.1. dfsg.P1- 3ubuntu0. 4 to ubuntu/ karmic- security
Imported using usd-importer.
Publish parent: 1deaeda9d079c6f 93ddd6d8fbc99db 74a49a6d98
New changelog entries:
* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
same type
- lib/dns/rbtdb.c: properly mark existing RRSIG records as stale.
- bin/tests/ system/ resolver/ *: added tests.
- CVE-2010-3613
* SECURITY UPDATE: answers incorrectly marked as insecure during key
algorithm rollover
- lib/dns/ include/ dns/types. h, lib/dns/ validator. c: improve logic.
- bin/tests/ system/ dnssec/ *: added tests.
- CVE-2010-3614
558fb6e...
by
Marc Deslauriers
on 2010-01-19
Import patches-applied version 1:9.6.1. dfsg.P1- 3ubuntu0. 3 to applied/ ubuntu/ karmic- security
Imported using usd-importer.
Publish parent: 9d5a8b10a1dc7fc a85c7ee223a96a2 c42a4347c2
Unapplied parent: 1deaeda9d079c6f 93ddd6d8fbc99db 74a49a6d98
New changelog entries:
* SECURITY UPDATE: incorrect cache update from additional section
- bin/named/query.c, lib/dns/ include/ dns/{db. h,types. h},
lib/ dns/{rbtdb. c,resolver. c,validator. c}: further fixes backported
from 9.6.1-P3
- CVE-2009-4022
* SECURITY UPDATE: incorrect caching of bogus NXDOMAIN responses
- bin/named/query.c, lib/dns/ include/ dns/{db. h,types. h},
lib/ dns/{rbtdb. c,resolver. c,validator. c}: fixes backported from
9.6.1-P3
- CVE-2010-0097
1deaeda...
by
Marc Deslauriers
on 2010-01-19
Import patches-unapplied version 1:9.6.1. dfsg.P1- 3ubuntu0. 3 to ubuntu/ karmic- security
Imported using usd-importer.
Publish parent: baf3a9f861c70b9 bbe95a0cc9a0b40 0c12e2f2c0
New changelog entries:
* SECURITY UPDATE: incorrect cache update from additional section
- bin/named/query.c, lib/dns/ include/ dns/{db. h,types. h},
lib/ dns/{rbtdb. c,resolver. c,validator. c}: further fixes backported
from 9.6.1-P3
- CVE-2009-4022
* SECURITY UPDATE: incorrect caching of bogus NXDOMAIN responses
- bin/named/query.c, lib/dns/ include/ dns/{db. h,types. h},
lib/ dns/{rbtdb. c,resolver. c,validator. c}: fixes backported from
9.6.1-P3
- CVE-2010-0097
9d5a8b1...
by
Marc Deslauriers
on 2009-12-04
Import patches-applied version 1:9.6.1. dfsg.P1- 3ubuntu0. 2 to applied/ ubuntu/ karmic- security
Imported using usd-importer.
Changelog parent: b24d1175e7b3dcf 276b5cf04ab44be 2bbdd1429a
Unapplied parent: baf3a9f861c70b9 bbe95a0cc9a0b40 0c12e2f2c0
New changelog entries:
* SECURITY UPDATE: incorrect cache update from additional section
- CHANGES, bin/named/query.c, lib/dns/ {include/ dns/types. h,
masterdum p.c,rbtdb. c,resolver. c,validator. c}: handle the additional
section properly. lib/dns/api, version: increment versions.
- debian/*: increment to libdns53, add libdns50 metapackage so
upgrade- manager won't hold the bind9 upgrade back.
- CVE-2009-4022
baf3a9f...
by
Marc Deslauriers
on 2009-12-04
Import patches-unapplied version 1:9.6.1. dfsg.P1- 3ubuntu0. 2 to ubuntu/ karmic- security
Imported using usd-importer.
Publish parent: a6d5c4f1aa06e66 8b466870d5aea89 2e063ba031
New changelog entries:
* SECURITY UPDATE: incorrect cache update from additional section
- CHANGES, bin/named/query.c, lib/dns/ {include/ dns/types. h,
masterdum p.c,rbtdb. c,resolver. c,validator. c}: handle the additional
section properly. lib/dns/api, version: increment versions.
- debian/*: increment to libdns53, add libdns50 metapackage so
upgrade- manager won't hold the bind9 upgrade back.
- CVE-2009-4022
a6d5c4f...
by
LaMont Jones
on 2009-08-17
Import patches-unapplied version 1:9.6.1.dfsg.P1-3 to ubuntu/karmic
Imported using usd-importer.
Publish parent: 14cfe759174f0b4 62498be066e3883 05262d820f
Changelog parent: c2775f4832b051b b9d6268d83fbb99 d87a3d229c
b24d117...
by
LaMont Jones
on 2009-08-17
Import patches-applied version 1:9.6.1.dfsg.P1-3 to applied/debian/sid
Imported using usd-importer.
Publish parent: 30e40fb34e3e9fa 016639c9441b883 bbc35ad36c
Unapplied parent: c2775f4832b051b b9d6268d83fbb99 d87a3d229c
New changelog entries:
* Build-Depend on the fixed libgeoip-dev. Closes: #540973
c2775f4...
by
LaMont Jones
on 2009-08-17
Import patches-unapplied version 1:9.6.1.dfsg.P1-3 to debian/sid
Imported using usd-importer.
Publish parent: a9c75a11201e0ea 26c87975fa85a6a 47a24c34dc
New changelog entries:
* Build-Depend on the fixed libgeoip-dev. Closes: #540973
30e40fb...
by
LaMont Jones
on 2009-08-14
Import patches-applied version 1:9.6.1.dfsg.P1-2 to applied/debian/sid
Imported using usd-importer.
Publish parent: 70b1bb090d813e8 4a124cd07342757 3ba55d05e8
Unapplied parent: a9c75a11201e0ea 26c87975fa85a6a 47a24c34dc
New changelog entries:
[Jamie Strandboge]
* reload individual named profile, not all of apparmor. LP: #412751
[Guillaume Delacour]
* bind9 did not purge cleanly. Closes: #497959
[LaMont Jones]
* postinst: do not append a blank line to /etc/default/bind9.
Closes: #541469
* init.d stop needs to not error out. LP: #398033
* meta: fix build-depends. Closes: #539230