Ubuntu
bind9 package

~nacc/ubuntu/+source/bind9:ubuntu/natty-security

  1. Git
  2. lp:~nacc/ubuntu/+source/bind9
  3. ubuntu/natty-security
Last commit made on 2012-10-10
Get this branch:
git clone -b ubuntu/natty-security https://git.launchpad.net/~nacc/ubuntu/+source/bind9
Only Nish Aravamudan can upload to this branch. If you are Nish Aravamudan please log in for upload directions.

Branch merges

Branch information

Name:
ubuntu/natty-security
Repository:
lp:~nacc/ubuntu/+source/bind9

Recent commits

d2d32d6... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.7 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: e8b719b8ea2c0f0b57b679952602076c3b40cc5e

New changelog entries:
  * SECURITY UPDATE: denial of service via specific combinations of RDATA
    - bin/named/query.c: fix logic
    - Patch backported from 9.8.3-P4
    - CVE-2012-5166

e8b719b... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.6 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: fea6c6d2995cb32ce729e71fdd69ec5c6346d99d

New changelog entries:
  * SECURITY UPDATE: denial of service via large crafted resource record
    - check length in lib/dns/include/dns/rdata.h,
      lib/dns/{master,rdata,rdataslab}.c.
    - Patch backported from 9.7.6-P3
    - CVE-2012-4244

fea6c6d... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.5 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: 136c0e3dde153c3d8921013f2eaa3a152e13fef5

New changelog entries:
  * SECURITY UPDATE: denial of service via dnssec validation load
    - lib/dns/resolver.c: don't use bad->expire before it has been set.
    - Patch backported from 9.7.6-P2.
    - CVE-2012-3817

136c0e3... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.4 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: 83d75033d10a105e246373d5b21782dd80916690

New changelog entries:
  * SECURITY UPDATE: ghost domain names attack
    - lib/dns/rbtdb.c: Restrict the TTL of NS RRset to no more than that
      of the old NS RRset when replacing it.
    - Patch backported from 9.7.5.
    - CVE-2012-1033
  * SECURITY UPDATE: denial of service via zero length rdata handling
    - lib/dns/rdata.c,lib/dns/rdataslab.c: use sentinel pointer for
      duplicate rdata.
    - Patch backported from 9.7.6-P1.
    - CVE-2012-1667

83d7503... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.3 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: 0aecf73902564c9381a3ffac1c33b8225f10395c

New changelog entries:
  * SECURITY UPDATE: denial of service via specially crafted packet
    - bin/named/query.c,lib/dns/rbtdb.c: correctly handle cache lookups
      that return RRSIG data associated with nonexistent records.
    - Patch backported from 9.7.4-P1.
    - CVE-2011-4313

0aecf73... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.2 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: 49ee28ae0fa1a9782fe074d4a6056bdce9ccf04d

New changelog entries:
  * SECURITY UPDATE: denial of service via specially crafted packet
    - lib/dns/include/dns/rdataset.h, lib/dns/{masterdump,message,ncache,
      nsec3,rbtdb,rdataset,resolver,validator}.c: Use an rdataset attribute
      flag to indicate negative-cache records rather than using rrtype 0.
    - Patch backported from 9.7.3-P3.
    - CVE-2011-2464

49ee28a... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2.1 to ubuntu/natty-security

Imported using usd-importer.

Publish parent: d930472a7dc0a0cd3dbe7a8331c4843ba0dffdc2
Changelog parent: 311533a74d4cbea38a745ddce638cb0197733061

New changelog entries:
  * SECURITY UPDATE: denial of service via off-by-one
    - lib/dns/ncache.c: correctly validate length.
    - Patch backported from 9.7.3-P1.
    - CVE-2011-1910

d930472... by Michael Vogt

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu1 to ubuntu/natty

Imported using usd-importer.

Publish parent: 311533a74d4cbea38a745ddce638cb0197733061
Changelog parent: 8ed23aa467b6891336592cc8de247590e4e6375b

New changelog entries:
  * debian/bind9-default.md5sum:
    - updated to reflect the default md5sum in maverick and natty, this
      avoids a bogus /etc/default/bind9.dpkg-dist file
      (LP: #556332)

311533a... by Marc Deslauriers

Import patches-unapplied version 1:9.7.3.dfsg-1ubuntu2 to ubuntu/natty

Imported using usd-importer.

Publish parent: e9fc6a0483f4db65b1a632f0c49e60f757fadee1

New changelog entries:
  * debian/rules, configure, contrib/dlz/config.dlz.in: use
    DEB_HOST_MULTIARCH so we can find multiarch libraries and fix FTBFS.
    (LP: #745642)
  * debian/bind9-default.md5sum:
    - updated to reflect the default md5sum in maverick and natty, this
      avoids a bogus /etc/default/bind9.dpkg-dist file
      (LP: #556332)

e9fc6a0... by LaMont Jones

Import patches-unapplied version 1:9.7.3.dfsg-1 to ubuntu/natty

Imported using usd-importer.

Publish parent: 47afc61e534b6b6a26944c84f6e83b5d70bad60c
Changelog parent: 8ed23aa467b6891336592cc8de247590e4e6375b