lp:ubuntu/natty-updates/bind9
- Get this branch:
- bzr branch lp:ubuntu/natty-updates/bind9
Branch merges
Branch information
Recent revisions
- 44. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via specific combinations of RDATA
- bin/named/query.c: fix logic
- Patch backported from 9.8.3-P4
- CVE-2012-5166 - 43. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via large crafted resource record
- check length in lib/dns/include/ dns/rdata. h,
lib/dns/{master, rdata,rdataslab }.c.
- Patch backported from 9.7.6-P3
- CVE-2012-4244 - 42. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via dnssec validation load
- lib/dns/resolver.c: don't use bad->expire before it has been set.
- Patch backported from 9.7.6-P2.
- CVE-2012-3817 - 41. By Marc Deslauriers
-
* SECURITY UPDATE: ghost domain names attack
- lib/dns/rbtdb.c: Restrict the TTL of NS RRset to no more than that
of the old NS RRset when replacing it.
- Patch backported from 9.7.5.
- CVE-2012-1033
* SECURITY UPDATE: denial of service via zero length rdata handling
- lib/dns/rdata.c, lib/dns/ rdataslab. c: use sentinel pointer for
duplicate rdata.
- Patch backported from 9.7.6-P1.
- CVE-2012-1667 - 40. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via specially crafted packet
- bin/named/query.c, lib/dns/ rbtdb.c: correctly handle cache lookups
that return RRSIG data associated with nonexistent records.
- Patch backported from 9.7.4-P1.
- CVE-2011-4313 - 39. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via specially crafted packet
- lib/dns/include/ dns/rdataset. h, lib/dns/ {masterdump, message, ncache,
nsec3,rbtdb,rdataset, resolver, validator} .c: Use an rdataset attribute
flag to indicate negative-cache records rather than using rrtype 0.
- Patch backported from 9.7.3-P3.
- CVE-2011-2464 - 38. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via off-by-one
- lib/dns/ncache.c: correctly validate length.
- Patch backported from 9.7.3-P1.
- CVE-2011-1910 - 37. By Marc Deslauriers
-
debian/rules, configure, contrib/
dlz/config. dlz.in: use
DEB_HOST_MULTIARCH so we can find multiarch libraries and fix FTBFS.
(LP: #745642) - 36. By Michael Vogt
-
* debian/
bind9-default. md5sum:
- updated to reflect the default md5sum in maverick and natty, this
avoids a bogus /etc/default/bind9.dpkg- dist file
(LP: #556332) - 35. By LaMont Jones
-
[Peter Palfrader]
* Add db-4.6 to bdb_libnames in dlz/config.dlz.in so that it finds the right
db.[Internet Systems Consortium, Inc]
* 9.7.3 - Closes: #612287
[Mahyuddin Susanto]
* Updated Indonesian debconf templates. Closes: #608559
[LaMont Jones]
* soname changes
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/oneiric/bind9