ubuntu/+source/bind9:applied/ubuntu/dapper-updates

Last commit made on 2010-12-01
Get this branch:
git clone -b applied/ubuntu/dapper-updates https://git.launchpad.net/ubuntu/+source/bind9
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/dapper-updates
Repository:
lp:ubuntu/+source/bind9

Recent commits

a0adcae... by Marc Deslauriers on 2010-11-26

Import patches-applied version 1:9.3.2-2ubuntu1.12 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 903a65793458f345b37d789a1bdb3bc7b62f5417
Unapplied parent: 1413ed8e3f0e148fb706f5914e19ae9f45bc7ed5

New changelog entries:
  * SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
    same type
    - lib/dns/rbtdb.c: properly mark existing RRSIG records as stale. Also
      required backport of change #1997.
    - CVE-2010-3613
  * SECURITY UPDATE: answers incorrectly marked as insecure during key
    algorithm rollover
    - lib/dns/include/dns/types.h, lib/dns/validator.c: improve logic.
    - CVE-2010-3614

1413ed8... by Marc Deslauriers on 2010-11-26

Import patches-unapplied version 1:9.3.2-2ubuntu1.12 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 5ae57cea65b70c4908b0e5fe951acaba7409e6da

New changelog entries:
  * SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
    same type
    - lib/dns/rbtdb.c: properly mark existing RRSIG records as stale. Also
      required backport of change #1997.
    - CVE-2010-3613
  * SECURITY UPDATE: answers incorrectly marked as insecure during key
    algorithm rollover
    - lib/dns/include/dns/types.h, lib/dns/validator.c: improve logic.
    - CVE-2010-3614

903a657... by Marc Deslauriers on 2010-01-20

Import patches-applied version 1:9.3.2-2ubuntu1.11 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 65dd2adce385d856d744f81c1bfb4a28b4c25c9c
Unapplied parent: 5ae57cea65b70c4908b0e5fe951acaba7409e6da

New changelog entries:
  * SECURITY UPDATE: incorrect cache update from additional section
    - bin/named/query.c, lib/dns/include/dns/types.h,
      lib/dns/{resolver.c,validator.c}: further fixes backported from
      9.4.3-P5
    - CVE-2009-4022
  * SECURITY UPDATE: incorrect caching of bogus NXDOMAIN responses
    - bin/named/query.c, lib/dns/include/dns/types.h,
      lib/dns/{resolver.c,validator.c}: fixes backported from 9.4.3-P5
    - CVE-2010-0097

5ae57ce... by Marc Deslauriers on 2010-01-20

Import patches-unapplied version 1:9.3.2-2ubuntu1.11 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b269b2fc517d7cb86cc412598ac22523c3cda5da

New changelog entries:
  * SECURITY UPDATE: incorrect cache update from additional section
    - bin/named/query.c, lib/dns/include/dns/types.h,
      lib/dns/{resolver.c,validator.c}: further fixes backported from
      9.4.3-P5
    - CVE-2009-4022
  * SECURITY UPDATE: incorrect caching of bogus NXDOMAIN responses
    - bin/named/query.c, lib/dns/include/dns/types.h,
      lib/dns/{resolver.c,validator.c}: fixes backported from 9.4.3-P5
    - CVE-2010-0097

65dd2ad... by Marc Deslauriers on 2009-12-04

Import patches-applied version 1:9.3.2-2ubuntu1.9 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 57db58a8fe8bf26caeaf594f5dda0cc47632701c
Unapplied parent: b269b2fc517d7cb86cc412598ac22523c3cda5da

New changelog entries:
  * SECURITY UPDATE: incorrect cache update from additional section
    - bin/named/query.c, lib/dns/{include/dns/types.h,masterdump.c,
      rbtdb.c,resolver.c,validator.c}: handle the additional section
      properly. lib/dns/api, version: increment versions.
    - debian/*: increment to libdns23, add libdns21 metapackage so
      upgrade-manager won't hold the bind9 upgrade back.
    - CVE-2009-4022

b269b2f... by Marc Deslauriers on 2009-12-04

Import patches-unapplied version 1:9.3.2-2ubuntu1.9 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 269ab0c6d12068028b45431cf386d120891293f7

New changelog entries:
  * SECURITY UPDATE: incorrect cache update from additional section
    - bin/named/query.c, lib/dns/{include/dns/types.h,masterdump.c,
      rbtdb.c,resolver.c,validator.c}: handle the additional section
      properly. lib/dns/api, version: increment versions.
    - debian/*: increment to libdns23, add libdns21 metapackage so
      upgrade-manager won't hold the bind9 upgrade back.
    - CVE-2009-4022

57db58a... by Kees Cook on 2009-07-29

Import patches-applied version 1:9.3.2-2ubuntu1.7 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 7f1e47cb6c2ff3206b836864aa9af2ca46cc6d37
Unapplied parent: 269ab0c6d12068028b45431cf386d120891293f7

New changelog entries:
  * SECURITY UPDATE: server can exit on malicious update packet.
    - bin/named/update.c: backported upstream fix.
    - CVE-2009-0696

269ab0c... by Kees Cook on 2009-07-29

Import patches-unapplied version 1:9.3.2-2ubuntu1.7 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b9ac6be4d7e9186a8676b84e996ab13d181dcb19

New changelog entries:
  * SECURITY UPDATE: server can exit on malicious update packet.
    - bin/named/update.c: backported upstream fix.
    - CVE-2009-0696

7f1e47c... by Jamie Strandboge on 2009-01-07

Import patches-applied version 1:9.3.2-2ubuntu1.6 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 177cd9d268c5e9fed213818ec9226b25a3fdcbf3
Unapplied parent: b9ac6be4d7e9186a8676b84e996ab13d181dcb19

New changelog entries:
  * SECURITY UPDATE: clients treat malformed signatures as good when verifying
    server DSA and ECDSA certificates.
    - update lib/dns/openssldsa_link.c to properly check the return code of
      DSA_do_verify()
    - CVE-2009-0025

b9ac6be... by Jamie Strandboge on 2009-01-07

Import patches-unapplied version 1:9.3.2-2ubuntu1.6 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b721ff2dd3eb39e8ff11d7258bfe061da890f4f8

New changelog entries:
  * SECURITY UPDATE: clients treat malformed signatures as good when verifying
    server DSA and ECDSA certificates.
    - update lib/dns/openssldsa_link.c to properly check the return code of
      DSA_do_verify()
    - CVE-2009-0025