lp:ubuntu/jaunty-security/bind9
- Get this branch:
- bzr branch lp:ubuntu/jaunty-security/bind9
Branch merges
Branch information
Recent revisions
- 42. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect cache update from additional section
- bin/named/query.c, lib/dns/include/ dns/{db. h,types. h},
lib/dns/{rbtdb. c,resolver. c,validator. c}: further fixes backported
from 9.5.2-P2
- CVE-2009-4022
* SECURITY UPDATE: incorrect caching of bogus NXDOMAIN responses
- bin/named/query.c, lib/dns/include/ dns/{db. h,types. h},
lib/dns/{rbtdb. c,resolver. c,validator. c}: fixes backported from
9.5.2-P2
- CVE-2010-0097 - 41. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect cache update from additional section
- bin/named/query.c, lib/dns/{include/ dns/types. h,masterdump. c,
rbtdb.c,resolver. c,validator. c}: handle the additional section
properly. lib/dns/api, version: increment versions.
- debian/*: increment to libdns46, add libdns45 metapackage so
upgrade-manager won't hold the bind9 upgrade back.
- CVE-2009-4022 - 40. By Kees Cook
-
* SECURITY UPDATE: server can exit on malicious update packet.
- bin/named/update.c: backported upstream fix.
- CVE-2009-0696 - 39. By LaMont Jones
-
[Internet Software Consortium, Inc]
* 9.5.1-P2
- DNSSEC lookaside validation failed to handle unknown algorithms. [RT #19479][LaMont Jones]
* meta: fix override disparity
[Sven Joachim]
* meta: pass host and build into configure for hybrid build machines.
Closes: #515110 - 38. By LaMont Jones
-
* New upstream patch release
- supportable version of fix from 9.5.0.dfsg.P2-5.1
- CVE-2009-0025: Closes: #511936
- 2475: Overly agressive cache entry removal. Closes: #511768
- other bug fixes worthy of patch-release inclusion - 37. By Jamie Strandboge
-
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates.
- update lib/dns/openssldsa_ link.c to properly check the return code of
DSA_do_verify()
- CVE-2009-0025 - 36. By LaMont Jones
-
[ISC]
* 2463: IPv6 Advanced Socket API broken on linux. LP: #249824
[Jamie Strandboge]
* apparmor: add capability sys_resource
* apparmor: add krb keytab access. LP: #277370[LaMont Jones]
* apparmor: allow proc/*/net/if_inet6 read access too. LP: #289060
* apparmor: add /var/log/named/* entries. LP: #294935[Ben Hutchings]
* meta: Add dependency of bind9 on net-tools (ifconfig used in init script)
* meta: Fix bind9utils Depends.
* meta: fix typo in package description[localization folks]
* l10n: add polish debconf translations. Closes: #506856 (L)
- 34. By Nicolas Valcarcel
-
* Add ufw integration:
- Created debian/bind9.ufw. profile
- debian/rules:
+ install profile
- debian/control
+ Suggest ufw
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/bind9