-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 12 Feb 2024 17:25:59 +0100
Source: bind9
Architecture: source
Version: 1:9.16.48-1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
bind9 (1:9.16.48-1) bullseye-security; urgency=high
.
* New upstream version 9.16.48
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
load
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
failure when "nxdomain-redirect" is enabled
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
assertion failure during recursive resolution
- CVE-2023-6516: Specific recursive query patterns may lead to an
out-of-memory condition
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
CPU resources
* Update patches from debian/9.16 branch
- Disable treat-warnings-as-errors in sphinx-build
- Remove the reference to OPTIONS.md - it breaks build on Debian
stretch
Checksums-Sha1:
8e8e930160aca78dca05a3ba67a692e71e01cbdb 2990 bind9_9.16.48-1.dsc
248cd09553365f80ab8398e9ada7a6f9d46b7dce 5131176 bind9_9.16.48.orig.tar.xz
ff9c4bbaf956e3d96a589a7ce64fd91566a494af 58548 bind9_9.16.48-1.debian.tar.xz
97404e0e1accd34fbde2c7b6027fd5a2aac88858 14998 bind9_9.16.48-1_amd64.buildinfo
Checksums-Sha256:
8ba9866a778200d102516ef13b3551c88decbc92749a7b79d69a9f509a2267a9 2990 bind9_9.16.48-1.dsc
8d3814582348f90dead1ad410b1019094cd399d3d83930abebb2b3b1eb0b2bbb 5131176 bind9_9.16.48.orig.tar.xz
f9eab8ceebc70e0c4c21e89559119991df0b82f591e7e4b76e4eabcfc32e8725 58548 bind9_9.16.48-1.debian.tar.xz
0023aafd3ee00bae5c54529db561630bddba1327558baf0d5ab8b5b8a9a5d256 14998 bind9_9.16.48-1_amd64.buildinfo
Files:
ae104dc9fc00f82dca94731c41f0af19 2990 net optional bind9_9.16.48-1.dsc
c1872fb63248b757fe73b6a3cfcad601 5131176 net optional bind9_9.16.48.orig.tar.xz
cd2c35ce032b2b2cdff50b5e0f73caf4 58548 net optional bind9_9.16.48-1.debian.tar.xz
5d7e60b47e2dc8533131f6b7f4fdd62c 14998 net optional bind9_9.16.48-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmXKS7lfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcKk7A//ep0hoWK8b23Zr2XhZe3BjsiFIJ97THU0jcqwFh88kFc+fuWO0TSSYa0g
GNZE9pKso1eHLLLaiKfM4/V7suoCOpudlHb0CW1kiga+OMX1CF+R+KjGEjhEyEFS
X1OyIs9bQXxB2SH/dkqsB2gc8h1QKdgC+Qbn+vMki/hbkcLWC2tls8hTHdpHyfOh
e9oowdbmKwjQXpOkeHM8XglXPdFXALfCBfjIQgwS1XgiVqxiosNBJ764a73y5rnh
YnYg2PWw2XG/ONKj8Nj89LkY9ib8IB5cKkXmC0x0B2BBMnknpg4qlsi0sgOSFGMh
r+FQ6ALyOmOsQP1OKsWxK59DbYEyJz0D79EakX5x3OKgUkoyxyNJyHzYBlGqB470
Rx5nKMn8k79od9BJB33oK0DKW1pDrShpaC6J+4ezewZF/0iSab9dOMhM41PyRS17
LW4tzAv7SUxKSYPWPEBKRWn/m+kfvmOf/AFDdNwre8Pr0lpbXfzHswcdxwCpr/ml
dX5lKT2dGH5EwHK8ga4rIhCRm8+mivRNpVcZWEFMnL5evb9eFK9TAEhGGvGGsxbA
rzCbZb4fA4o5EhGA5pXgecTwnKssz3pAGjqcQbdNme86vwvLePuZZsTeUEvaua/U
qove/q2y319h8++gAO1JbbXNIm5ppj6H7E7hGNThYXqCV+pDWEE=
=FsTc
-----END PGP SIGNATURE-----
Attachment:
pgpGq9QDws0lJ.pgp
Description: PGP signature