Accepted bind9 1:9.18.16-1~deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted bind9 1:9.18.16-1~deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 26 Jun 2023 06:17:09 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: bind9_9.18.16-1~deb12u1_source.changes
- Debian-source: bind9
- Debian-suite: proposed-updates
- Debian-version: 1:9.18.16-1~deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=rSy19xoWJzJeT1oBRo3K1gxWI80NVVtmRYtImm14suA=; b=QI77XvyP79UmvgW8uJfHZ7F7BH HHbkfXPees1txM0ZYkiWSz71zebzqX/tg9XZNs/tXf7aw7RW6aF3WInYWmcf2pzpXfcXziTQGNGQI JzARBzfIEuBZUwRaWF8o4GEsnuJ+oheVWRm18pJORBsyqCvcknQ+3AUPDBtaFHpOzS7CYNm+VD4Wu pIGSuAsdCXOVUH+qTczJUgxxTFy0cgq7omnxfmYFfU6mT6t2jUk4j2tDNeBrJHm5bt3v8aS33uksB PN7jW5p5OdeXKyke9Y2eBk/fnWfWBLObnUxj+FJadizVa8jN35b/cSHl6RkCe7AxQI9nxidqPCGNo F9tcmyWA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qDfXB-00DR9H-D0@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 21 Jun 2023 20:48:44 +0200
Source: bind9
Architecture: source
Version: 1:9.18.16-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
bind9 (1:9.18.16-1~deb12u1) bookworm-security; urgency=high
.
* New upstream version 9.18.16
- CVE-2023-2828: The overmem cleaning process has been improved,
to prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch
is aborted for exceeding the recursion quota, it was possible for
named to enter an infinite callback loop and crash due to stack
overflow. This has been fixed.
Checksums-Sha1:
64520df6aca0e5be3d4abafc5986d3528d5e6a14 3325 bind9_9.18.16-1~deb12u1.dsc
fd4d104b751c8962c4351ee7f9a51851c8c93307 5462456 bind9_9.18.16.orig.tar.xz
dc97925ecceeb1a333425bc733afa2b6d47b7fe7 833 bind9_9.18.16.orig.tar.xz.asc
c60827131c70004c36de0624a0dfa5f43f2336fd 60492 bind9_9.18.16-1~deb12u1.debian.tar.xz
96e53da123d3dde63d8030a5d39cb70571a60a5f 15031 bind9_9.18.16-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
1bb629bb554b7b66c0303fd06500a98957a6c7a69447857826d3c9da42a1a1c6 3325 bind9_9.18.16-1~deb12u1.dsc
c88234fe07ee75c3c8a9e59152fee64b714643de8e22cf98da3db4d0b57e0775 5462456 bind9_9.18.16.orig.tar.xz
8053d23883adfe5711d6eeed4c37b91773579a9a4f4c7b7fdb258d8b2c715d4f 833 bind9_9.18.16.orig.tar.xz.asc
d7a1315831fb8263c06f6fdb5b2c1654ea040410843f336194370edde7e9cbf4 60492 bind9_9.18.16-1~deb12u1.debian.tar.xz
4e864efe270a449f9f36d8277606cf2623c59b84d83b8ff6f6d6bf10d0ebc799 15031 bind9_9.18.16-1~deb12u1_amd64.buildinfo
Files:
46d6223622fdf0b118f1320f46909bbb 3325 net optional bind9_9.18.16-1~deb12u1.dsc
c75648e02db965770fdf76fb828796a0 5462456 net optional bind9_9.18.16.orig.tar.xz
fd85495275fbce1e521b6e358126bbb6 833 net optional bind9_9.18.16.orig.tar.xz.asc
0aad2e0149deaeffa20151fb6d7ccb03 60492 net optional bind9_9.18.16-1~deb12u1.debian.tar.xz
7fadb30c51d1e1774f3f65981009607d 15031 net optional bind9_9.18.16-1~deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmSTTL5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcIdRRAAktXpED5XlMsXG1A1XmkSKdZI/OHTzPs8YepZ0JHnWAVvXLQY+GMRgaW6
9APmanPo212asp3pPdZEGCC/EA0Pg29Ohm3M5lGrwL+4G6eVq9QREcTj5rmoMcCp
ka/4ZwIn6gevAGXTpwL9vaQS65Kn0dl2ln5MO4hflAU0Wl5wt9jsh7BCecL1KLnm
o/6VXNunps/TppkZB3KT1XbWU4MoEDfODbrDs8GhiuFFjPSZoyuhu515tkyEhJJ+
m+4OY04yOpWcDKvtXvxgdPvm+lSiAvcn/KOana9wGE3CSs6IVrsu0s9tpzLugdRf
n/wvD4plch0WnGpl/Ur87b13/IZQ30blkJxIlS7c/zkwN9vAYMbtAT8niR4uVGXg
0lBO0bcVCQ8IvfWofIJk+FuqfkN2Mxco7B0BABC7kKQMa0kKReFbrJYSHsRHzL1d
q6B331aNs5AQL1ilFm33Y6kuAxGr10RRcEkBszBjfrkL0AWait64ciMV5KR/uN/+
+E+uWkEAT9mMDrra+105VbvOdfPsHHJXK8brgwsq3USEXKXEk06qbrk5ajURYZoV
exSntOZu8KTp8H0Bsk5huuDMMe3ijHA2c+9Iv2SN2lC7PZu+J2Zf5zySFsUhDDPJ
0Icjx6fwbNjgbUi3U5T2niDgwMJjEhAybx6LsPTXSzFwPet+IeA=
=lFYx
-----END PGP SIGNATURE-----