ubuntu/+source/bind9:ubuntu/maverick-security

Last commit made on 2011-11-16
Get this branch:
git clone -b ubuntu/maverick-security https://git.launchpad.net/ubuntu/+source/bind9
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/maverick-security
Repository:
lp:ubuntu/+source/bind9

Recent commits

f33f28c... by Marc Deslauriers on 2011-11-16

Import patches-unapplied version 1:9.7.1.dfsg.P2-2ubuntu0.5 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 0c1d7ed7674ae44e935e2ed771b5332178dd0a52

New changelog entries:
  * SECURITY UPDATE: denial of service via specially crafted packet
    - debian/patches/CVE-2011-4313.patch: correctly handle cache lookups
      that return RRSIG data associated with nonexistent records in
      bin/named/query.c,lib/dns/rbtdb.c.
    - CVE-2011-4313

0c1d7ed... by Marc Deslauriers on 2011-07-05

Import patches-unapplied version 1:9.7.1.dfsg.P2-2ubuntu0.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 76763b85869b44aa77412dc09ada0f548c0cd46b

New changelog entries:
  * SECURITY UPDATE: denial of service via specially crafted packet
    - debian/patches/CVE-2011-2464.patch: Use an rdataset attribute flag to
      indicate negative-cache records rather than using rrtype 0 in
      lib/dns/include/dns/rdataset.h, lib/dns/{masterdump,message,ncache,
      nsec3,rbtdb,rdataset,resolver,validator}.c.
    - CVE-2011-2464

76763b8... by Marc Deslauriers on 2011-05-27

Import patches-unapplied version 1:9.7.1.dfsg.P2-2ubuntu0.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b95021235d36f59e4170eb7abb6f75a2b4595129

New changelog entries:
  * SECURITY UPDATE: denial of service via off-by-one
    - debian/patches/CVE-2011-1910.patch: correctly validate length in
      lib/dns/ncache.c.
    - CVE-2011-1910

b950212... by Marc Deslauriers on 2011-02-23

Import patches-unapplied version 1:9.7.1.dfsg.P2-2ubuntu0.2 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 5ce428b445bf16edfbfae3dfffd10fbb00a57ad5

New changelog entries:
  * SECURITY UPDATE: denial of service via IXFR or DDNS update
    - debian/patches/CVE-2011-0414.patch: Use correct lock in
      lib/dns/rbtdb.c.
    - CVE-2011-0414

5ce428b... by Marc Deslauriers on 2010-11-30

Import patches-unapplied version 1:9.7.1.dfsg.P2-2ubuntu0.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 44a622d64abd3e9a51149737defb3ca92230aaca

New changelog entries:
  * SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
    same type
    - debian/patches/CVE-2010-3613-3614.patch: properly mark existing RRSIG
      records as stale in lib/dns/rbtdb.c. Added tests to
      bin/tests/system/resolver/*.
    - CVE-2010-3613
  * SECURITY UPDATE: answers incorrectly marked as insecure during key
    algorithm rollover
    - debian/patches/CVE-2010-3613-3614.patch: improve logic in
      lib/dns/validator.c. Added tests to bin/tests/system/dnssec/*.
    - CVE-2010-3614

44a622d... by LaMont Jones on 2010-07-16

Import patches-unapplied version 1:9.7.1.dfsg.P2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c24c6d6052e59383332431683710231d9e82588a

New changelog entries:
  * Correct conflicts for bind9-host

c24c6d6... by LaMont Jones on 2010-07-15

Import patches-unapplied version 1:9.7.1.dfsg.P2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 84d7ad771ef9620317f4977141fe97cadb0eb267

New changelog entries:
  [Internet Software Consortium, Inc]
  * Temporarily and partially disable change 2864 because it would cause
    inifinite attempts of RRSIG queries. This is an urgent care fix; we'll
    revisit the issue and complete the fix later. [RT #21710]
  * Temporarially rollback change 2748. [RT #21594]
  * Named failed to accept uncachable negative responses from insecure zones.
    [RT# 21555]
  [LaMont Jones]
  * freshen copyright file
  * Repack to drop zkt/doc/{draft,rfc}* Closes: #588055

84d7ad7... by LaMont Jones on 2010-07-02

Import patches-unapplied version 1:9.7.1.dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6883fb1b35d108a42e6acc97c32833771e3c1819

New changelog entries:
  [Regid Ichira]
  * explicitly add nsupdate to dynamic updates in README.Debian.
    Closes: #577398
  [LaMont Jones]
  * Cleanup bind9-host description. Closes: #579421
  * switch to 3.0 (quilt) source format, but not to quilt. Closes: #578210
  [Stephen Gran]
  * updated geoip patch for ipv6, based on work by John 'Warthog9' Hawley
    <email address hidden>. Closes: #584603

6883fb1... by LaMont Jones on 2010-06-21

Import patches-unapplied version 1:9.7.1.dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 99dea2ca29a9efd6dff877525f72c5ce756e3da4

New changelog entries:
  [Internet Software Consortium, Inc]
  * 9.7.1
  [LaMont Jones]
  * Add freebsd support. Closes: #578447
  * soname changes
  * freshen root cache. LP: #596363

99dea2c... by LaMont Jones on 2010-03-17

Import patches-unapplied version 1:9.7.0.dfsg.P1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f0e5baff0e8546497610899d6d9dee646af38e0a

New changelog entries:
  [Internet Software Consortium, Inc]
  * 9.7.0-P1
    - 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619]