ubuntu/+source/bind9:ubuntu/trusty-proposed

Last commit made on 2017-02-03
Get this branch:
git clone -b ubuntu/trusty-proposed https://git.launchpad.net/ubuntu/+source/bind9
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/trusty-proposed
Repository:
lp:ubuntu/+source/bind9

Recent commits

31c49d9... by LaMont Jones on 2017-02-03

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.12 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: d20e8b51a77de15dc3b51937b4bee528da491ad3

New changelog entries:
  * Backport (70_precise_mtime.diff) 18b87b2a58d422fe4d3073540bf89b5a812ed2e5
    to trusty. LP: #1553176

d20e8b5... by Marc Deslauriers on 2017-01-09

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: e3d6a3ad185d0eb3d6a23f6a10c473ad22c9d1c3

New changelog entries:
  * SECURITY UPDATE: assertion failure via class mismatch
    - lib/dns/resolver.c: properly handle certain TKEY records.
    - CVE-2016-9131
  * SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
    - lib/dns/resolver.c: fix logic when records are returned without the
      requested data.
    - CVE-2016-9147
  * SECURITY UPDATE: assertion failure via unusually-formed DS record
    - lib/dns/message.c, lib/dns/resolver.c: handle missing RRSIGs.
    - CVE-2016-9444
  * SECURITY UPDATE: regression in CVE-2016-8864
    - lib/dns/resolver.c: properly handle CNAME -> DNAME in responses,
      added tests to bin/tests/system/dname/ns2/example.db,
      bin/tests/system/dname/tests.sh.
    - No CVE number

e3d6a3a... by Marc Deslauriers on 2016-10-31

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.10 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: ef2709cf1c7da6fd5a5a7aed482398dd98ee3f23

New changelog entries:
  * SECURITY UPDATE: denial of service via responses containing a DNAME
    answer
    - lib/dns/resolver.c: remove assertion failure.
    - patch backported from 9.9.9-P4.
    - CVE-2016-8864

ef2709c... by Marc Deslauriers on 2016-09-26

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.9 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 0df1649508a11635fb236697212dc66db31b76e1

New changelog entries:
  * SECURITY UPDATE: denial of service via assertion failure
    - lib/dns/message.c: properly handle lengths.
    - backported from patch provided by upstream.
    - CVE-2016-2776

0df1649... by Marc Deslauriers on 2016-03-08

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.8 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2bb043c45aa1a361cf7068b3f2eb6e870993303b

New changelog entries:
  * SECURITY UPDATE: denial of service via rndc control channel input
    parsing error
    - properly check data in bin/named/control.c, bin/named/controlconf.c,
      bin/rndc/rndc.c, lib/isccc/cc.c.
    - CVE-2016-1285
  * SECURITY UPDATE: denial of service via resource record signatures
    parsing issue
    - fix improper DNAME handling in lib/dns/resolver.c.
    - CVE-2016-1286

2bb043c... by Marc Deslauriers on 2016-01-18

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.7 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: a3cc8768b33718c833c56927360236a693e6db36

New changelog entries:
  * SECURITY UPDATE: denial of service via string formatting operations
    - lib/dns/rdata/in_1/apl_42.c: use correct length.
    - CVE-2015-8704

a3cc876... by Marc Deslauriers on 2015-12-14

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 52cfe95cf4e9763f92f0095e63d734550687972f

New changelog entries:
  * SECURITY UPDATE: REQUIRE failure via incorrect class
    - properly handle class in lib/dns/include/dns/message.h,
      lib/dns/message.c, lib/dns/resolver.c, lib/dns/xfrin.c.
    - CVE-2015-8000

52cfe95... by Marc Deslauriers on 2015-09-01

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 8ea78144e7556986f5e5dd9e45199a5b999acbca

New changelog entries:
  * SECURITY UPDATE: denial of service in DNSSEC-signed record validation
    via malformed keys
    - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
      lib/dns/ncache.c, lib/dns/openssldh_link.c,
      lib/dns/openssldsa_link.c, lib/dns/opensslecdsa_link.c,
      lib/dns/opensslrsa_link.c, lib/dns/resolver.c.
    - CVE-2015-5722

8ea7814... by Marc Deslauriers on 2015-07-27

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 1f35bfe54652673609184a6cc4c52a1c4051e174

New changelog entries:
  * SECURITY UPDATE: denial of service in TKEY record query handling
    - lib/dns/tkey.c: clear out name before trying the answer section.
    - CVE-2015-5477

1f35bfe... by Marc Deslauriers on 2015-06-29

Import patches-unapplied version 1:9.9.5.dfsg-3ubuntu0.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 035405f3fad929231b6740fe588ebc697ed33a91

New changelog entries:
  * SECURITY UPDATE: resolver DoS via specially crafted zone data
    - lib/dns/validator.c: don't use uninitialized fixedname.
    - CVE-2015-4620