ubuntu/+source/bind9:applied/ubuntu/edgy-updates

Last commit made on 2008-01-11
Get this branch:
git clone -b applied/ubuntu/edgy-updates https://git.launchpad.net/ubuntu/+source/bind9
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/edgy-updates
Repository:
lp:ubuntu/+source/bind9

Recent commits

c77fa9d... by Soren Hansen on 2008-01-11

Import patches-applied version 1:9.3.2-2ubuntu3.3 to applied/ubuntu/edgy-proposed

Imported using git-ubuntu import.

Changelog parent: 8e0321087aa53d05debdaa69a4588f9376f36bb4
Unapplied parent: ce2faba9dc51ffacb24302166054808867c048e5

New changelog entries:
  * l.root-servers.net. got a new IP. (LP #160176)

ce2faba... by Soren Hansen on 2008-01-11

Import patches-unapplied version 1:9.3.2-2ubuntu3.3 to ubuntu/edgy-proposed

Imported using git-ubuntu import.

Changelog parent: cac5cdb2dc8f75106a4f1b0a26ee545537c84007

New changelog entries:
  * l.root-servers.net. got a new IP. (LP #160176)

8e03210... by Kees Cook on 2007-07-24

Import patches-applied version 1:9.3.2-2ubuntu3.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: d327bee0fc01efe40e9ba4f5cea39b61686cae2a
Unapplied parent: cac5cdb2dc8f75106a4f1b0a26ee545537c84007

New changelog entries:
  * SECURITY UPDATE: query responses could be forged remotely.
  * bin/named/client.c, lib/dispatch.c, lib/include/dispatch.h:
    upstream fixes back ported.
  * References
    CVE-2007-2926

cac5cdb... by Kees Cook on 2007-07-24

Import patches-unapplied version 1:9.3.2-2ubuntu3.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: b06721f35cf5c7d34efa37f0f5fa4a8c9283087c

New changelog entries:
  * SECURITY UPDATE: query responses could be forged remotely.
  * bin/named/client.c, lib/dispatch.c, lib/include/dispatch.h:
    upstream fixes back ported.
  * References
    CVE-2007-2926

d327bee... by Kees Cook on 2007-01-25

Import patches-applied version 1:9.3.2-2ubuntu3.1 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 3bffa7ac1e43343d08861f28234b37da7f2e8a95
Unapplied parent: b06721f35cf5c7d34efa37f0f5fa4a8c9283087c

New changelog entries:
  * SECURITY UPDATE: remote denial of service.
  * lib/dns/include/dns/validator.h, lib/dns/{validator,resolver}.c,
    lib/dns/api: fixes taken from upstream changes between bind 9.3.3 and
    9.3.4, applied inline.
  * References
    CVE-2007-0493 CVE-2007-0494

b06721f... by Kees Cook on 2007-01-25

Import patches-unapplied version 1:9.3.2-2ubuntu3.1 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 88a601502e2f81b386a3882ac1257a51a48fcb7a

New changelog entries:
  * SECURITY UPDATE: remote denial of service.
  * lib/dns/include/dns/validator.h, lib/dns/{validator,resolver}.c,
    lib/dns/api: fixes taken from upstream changes between bind 9.3.3 and
    9.3.4, applied inline.
  * References
    CVE-2007-0493 CVE-2007-0494

3bffa7a... by Kees Cook on 2006-09-28

Import patches-applied version 1:9.3.2-2ubuntu3 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: bcb60a1ccdb5520168ed7ff8d18f90385a56653e
Unapplied parent: 88a601502e2f81b386a3882ac1257a51a48fcb7a

New changelog entries:
  * SECURITY UPDATE: name servers accessible from the Internet could be
    used as an amplifier in DDoS attacks against other networks.
  * debian/named.conf.options: allow recursion only on localnets. This
    matches the default configuration of listening on all interfaces, and
    gives a reasonable balance between allowing local recursion, and
    protecting the server from being used in a DDoS attack.
  * References
    CVE-2006-0987
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=248899

88a6015... by Kees Cook on 2006-09-28

Import patches-unapplied version 1:9.3.2-2ubuntu3 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 025ef1a0a62f95a73eaeb9e3983fa98185fd38f0

New changelog entries:
  * SECURITY UPDATE: name servers accessible from the Internet could be
    used as an amplifier in DDoS attacks against other networks.
  * debian/named.conf.options: allow recursion only on localnets. This
    matches the default configuration of listening on all interfaces, and
    gives a reasonable balance between allowing local recursion, and
    protecting the server from being used in a DDoS attack.
  * References
    CVE-2006-0987
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=248899

bcb60a1... by Martin Pitt on 2006-09-07

Import patches-applied version 1:9.3.2-2ubuntu2 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 9d347ca7d39b9fca77285e0445b89de0665bb8dd
Unapplied parent: 025ef1a0a62f95a73eaeb9e3983fa98185fd38f0

New changelog entries:
  * SECURITY UPDATE:
  * bin/named/query.c, lib/dns/resolver.c: Apply upstream patch from 9.3.2-P1
    to fix the following flaws:
    - A remote user (DNS server) can send specially crafted RRset responses in
      return to a recursive SIG query to cause the requesting named service to
      crash [CVE-2006-4095].
    - A remote user can also send specially crafted queries to trigger an
      INSIST failure and cause the requesting service(s) to crash
      [CVE-2006-4096].

025ef1a... by Martin Pitt on 2006-09-07

Import patches-unapplied version 1:9.3.2-2ubuntu2 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 796403a9a7f5d778f4b0b7cabed56fc15859b94d

New changelog entries:
  * SECURITY UPDATE:
  * bin/named/query.c, lib/dns/resolver.c: Apply upstream patch from 9.3.2-P1
    to fix the following flaws:
    - A remote user (DNS server) can send specially crafted RRset responses in
      return to a recursive SIG query to cause the requesting named service to
      crash [CVE-2006-4095].
    - A remote user can also send specially crafted queries to trigger an
      INSIST failure and cause the requesting service(s) to crash
      [CVE-2006-4096].