Aside from CVEs, I didn't look at what else is changed in the newer upstream versions, but .7 and .8 look fairly minor, and Debian has probably cherrypicked all the valuables from .6.
So, apart from the one outstanding CVE (which might be nice to include but perhaps ok to leave for followup), the package looks good, so I'll give it my +1.
* Verified all items in Remaining Changes still present in debdiff @@@@@@@ @@@@@@ summary
* Verified Maintainer
* No changes outside debian/
* In lxc tested installation, uninstallation, and purge
* Ran autopkgtests:
- - - - - - - - - - results - - - - - - - - - -
simpletest PASS
autopkgtest [02:15:41]: @@@@@@@
simpletest PASS
* Verified version matches what's in debian unstable, although newer version in debian new:
bind9 | 1:9.11.5.P4+dfsg-5 | testing | source, amd64, ...
bind9 | 1:9.11.5.P4+dfsg-5 | unstable | source, amd64, ...
bind9 | 1:9.11.6+dfsg-1 | new | source, amd64
* I verified we have the CVEs mentioned for 9.11.6 and 9.11.7:
9.11.6: /ftp.isc. org/isc/ bind/9. 11.6/RELEASE- NOTES-bind- 9.11.6. html /ftp-master. debian. org/new/ bind9_1: 9.11.6+ dfsg-1. html /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 923984 √
- https:/
- CVE-2018-5740 √
- CVE-2018-5738 √
- CVE-2018-5745 √
- CVE-2018-5744 √
- CVE-2019-6465 √
- https:/
- https:/
9.11.7: /ftp.isc. org/isc/ bind/9. 11.7/RELEASE- NOTES-bind- 9.11.7. html
- https:/
- Fixes CVE-2018-5743 √
Debian's CVE status is here: /security- tracker. debian. org/tracker/ source- package/ bind9
- https:/
* We're missing one CVE, that is provided in the latest upstream bind9: /ftp.isc. org/isc/ bind/9. 11.8/RELEASE- NOTES-bind- 9.11.8. html /gitlab. isc.org/ isc-projects/ bind9/commit/ 7dfef18b05bd5cc d5b17f841212caf 152b16c7d3
9.11.8:
- https:/
- https:/
- Fixes CVE-2019-6471
Aside from CVEs, I didn't look at what else is changed in the newer upstream versions, but .7 and .8 look fairly minor, and Debian has probably cherrypicked all the valuables from .6.
So, apart from the one outstanding CVE (which might be nice to include but perhaps ok to leave for followup), the package looks good, so I'll give it my +1.