ubuntu/+source/bind9:ubuntu/zesty-proposed

Last commit made on 2017-11-08
Get this branch:
git clone -b ubuntu/zesty-proposed https://git.launchpad.net/ubuntu/+source/bind9
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/zesty-proposed
Repository:
lp:ubuntu/+source/bind9

Recent commits

7b7876a... by Andreas Hasenack on 2017-11-06

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5.3 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 19176b37b351392a87269486339b0e51a8d63d77
Upload parent: fc5d52626a3b568011dd9f9220da5cc6d2d99154

New changelog entries:
  * d/bind9.service: source the defaults file and start the daemon with the
    options set there (LP: #1565060).

fc5d526... by Andreas Hasenack on 2017-11-06

changelog

3ce981f... by Andreas Hasenack on 2017-11-06

  * d/bind9.service: source the defaults file and start the daemon with the
    options set there (LP: #1565060).

19176b3... by Marc Deslauriers on 2017-09-15

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 8d068071ee6829d92c48dfbd6377785e867140d9

New changelog entries:
  * SECURITY REGRESSION: regression in last security update
    - debian/patches/CVE-2017-3142-regression.patch: fix verification of
      TSIG signed TCP message sequences where not all the messages contain
      TSIG records in lib/dns/tsig.c, aded test to
      lib/dns/tests/Makefile.in, lib/dns/tests/tsig_test.c.
  * debian/patches/update_keys.patch: Update the built in managed keys to
    include the upcoming root KSK in bind.keys, bind.keys.h.

55d7e1f... by Marc Deslauriers on 2017-09-15

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 7fd571f4b8b38be7dd1791109c9495228a4fcf1b

New changelog entries:
  * SECURITY REGRESSION: regression in last security update
    - debian/patches/CVE-2017-3142-regression.patch: fix verification of
      TSIG signed TCP message sequences where not all the messages contain
      TSIG records in lib/dns/tsig.c, aded test to
      lib/dns/tests/Makefile.in, lib/dns/tests/tsig_test.c.
  * debian/patches/update_keys.patch: Update the built in managed keys to
    include the upcoming root KSK in bind.keys, bind.keys.h.

8d06807... by Marc Deslauriers on 2017-06-29

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5.1 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: f6ee8249d2a50858ecb1e1c6a9017baef158eb47

New changelog entries:
  * SECURITY UPDATE: TSIG authentication issues
    - debian/patches/CVE-2017-3042,3043.patch: fix TSIG logic in
      lib/dns/dnssec.c, lib/dns/message.c, lib/dns/tsig.c.
    - CVE-2017-3142
    - CVE-2017-3143

7fd571f... by Marc Deslauriers on 2017-06-29

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5.1 to ubuntu/zesty-security

Imported using git-ubuntu import.

Publish parent: 382083a78eee25afb1c541be03edb3aa9eb42021

New changelog entries:
  * SECURITY UPDATE: TSIG authentication issues
    - debian/patches/CVE-2017-3042,3043.patch: fix TSIG logic in
      lib/dns/dnssec.c, lib/dns/message.c, lib/dns/tsig.c.
    - CVE-2017-3142
    - CVE-2017-3143

f6ee824... by Steve Beattie on 2017-04-12

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 4d3ea26ed3665844bd09c6ea01dd01c2c3823a70

New changelog entries:
  * SECURITY UPDATE: Denial of Service due to an error handling
    synthesized records when using DNS64 with "break-dnssec yes;"
    - debian/patches/CVE-2017-3136.patch: reset noqname if query_dns64()
      called.
    - CVE-2017-3136
  * SECURITY UPDATE: Denial of Service due to resolver terminating when
    processing a response packet containing a CNAME or DNAME
    - debian/patches/CVE-2017-3137.patch: don't expect a specific
      ordering of answer components; add testcases.
    - CVE-2017-3137
  * SECURITY UPDATE: Denial of Service when receiving a null command on
    the control channel
    - debian/patches/CVE-2017-3138.patch: don't throw an assert if no
      command token is given; add testcase.
    - CVE-2017-3138

382083a... by Steve Beattie on 2017-04-12

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu5 to ubuntu/zesty-security

Imported using usd-importer.

Publish parent: aa443b07e7faaf45d13e6087fd0a6cb6548a526b

New changelog entries:
  * SECURITY UPDATE: Denial of Service due to an error handling
    synthesized records when using DNS64 with "break-dnssec yes;"
    - debian/patches/CVE-2017-3136.patch: reset noqname if query_dns64()
      called.
    - CVE-2017-3136
  * SECURITY UPDATE: Denial of Service due to resolver terminating when
    processing a response packet containing a CNAME or DNAME
    - debian/patches/CVE-2017-3137.patch: don't expect a specific
      ordering of answer components; add testcases.
    - CVE-2017-3137
  * SECURITY UPDATE: Denial of Service when receiving a null command on
    the control channel
    - debian/patches/CVE-2017-3138.patch: don't throw an assert if no
      command token is given; add testcase.
    - CVE-2017-3138

aa443b0... by Marc Deslauriers on 2017-02-15

Import patches-unapplied version 1:9.10.3.dfsg.P4-10.1ubuntu4 to ubuntu/zesty

Imported using usd-importer.

Publish parent: 854a8046e410832d4f86e2a395ffa7752f6410e4
Changelog parent: 3d6dcebf8f0c421361cb839eefad7a2370ba996d