-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 12 Feb 2024 17:28:03 +0100
Source: bind9
Architecture: source
Version: 1:9.18.24-1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
bind9 (1:9.18.24-1) bookworm-security; urgency=high
.
* New upstream version 9.18.24
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
load
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
failure when "nxdomain-redirect" is enabled
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
assertion failure during recursive resolution
- CVE-2023-6516: Specific recursive query patterns may lead to an
out-of-memory condition
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
CPU resources
Checksums-Sha1:
578c72a7a38a5477963b101d9a2aa2070e0cc333 3049 bind9_9.18.24-1.dsc
e5bfeb64e3d118c5b4e21ae615f2b9c3ea5339ff 5515528 bind9_9.18.24.orig.tar.xz
2e43512483a99d9016ed856d99ea3cc0248e800b 60800 bind9_9.18.24-1.debian.tar.xz
bdb61ec3fa2bfc7b29b00912f1445ba07022baae 15031 bind9_9.18.24-1_amd64.buildinfo
Checksums-Sha256:
3e76d81e821e6c300f442b80918bff87bdf89851789ab621a8dbfe6d19f4f717 3049 bind9_9.18.24-1.dsc
709d73023c9115ddad3bab65b6c8c79a590196d0d114f5d0ca2533dbd52ddf66 5515528 bind9_9.18.24.orig.tar.xz
88d8b6b54bcb9302e70a8891c2fede7529f9ef3f61920952af9c79778c5c8f19 60800 bind9_9.18.24-1.debian.tar.xz
8c8c9d559b0bb25f34876e396ebf0067949a09e40a5b7e2e463d6a8c6431f28e 15031 bind9_9.18.24-1_amd64.buildinfo
Files:
cd6ae3fcc0d5657b3d8f85f554af3878 3049 net optional bind9_9.18.24-1.dsc
c791cb32069dbfb6d555ee682309ab09 5515528 net optional bind9_9.18.24.orig.tar.xz
ad347f2e87b072168d28faeb2d6d7dad 60800 net optional bind9_9.18.24-1.debian.tar.xz
e59713037cdbfd6b6c9a0e19db5b51b2 15031 net optional bind9_9.18.24-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmXKTHhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcKxMQ//V0PIilcZu2U82rT1g3bdlskFzejMuio58F5kGv/uQeMr19Bo5K5K5bMf
zuwH0Iws0pe/LvVJ/NCmp9YbRjAW3fPDJ3LV+Dt7JGE9OKoyBTOgogd4CizysXwG
SyH7ArwiVybP54UgZu/4VUIemjuP4QDSj2Awc4yf/7Th6CoEbHFkiUOKjIQGgPs7
lqkrYFc7MqunSilj4CzCeGVkIf7nmsx6hw4PQ73ioKbkMZP6Y7+DAifeHOzz2N3N
q5WKpJa7HPMrXHczSz4FOPYWcDKorwpBRU6+PnU0sa9TpeHioEfUfChMOknuPAUh
APgsXo0D8Mwrv+ytuERKOzgJWG7Z7T+Ec8UVIgMTHvYZu+TrV2n+CKUGtYOxepXi
hLJZDqAmH20NwDYaljF5DpkxC4c9nfsGanAag5l3TIxY/7fkq4pITMis033mvfmM
OImvhVE13+KCn/EtV0IzCfE43lKeGR5PzEYQjb5PkLDtqfe9xN+oMgPHPHWS3P0Z
vgX7cDSvuVdNuvjCVBxz7FiBMzj1JQqplr5xGZRKfUVCpopf950pJWrIxIAckI6d
4d40qPogifCjdaUzmfCFihi5Ue2pMVgWtcyMs5lJpZyY3H6dKhyAkaStvO/TO+Lr
gz9jEc8gSxPXD0WQx0Idi7tO35ZBz89uiJ3DoNfst6G4/sm2UJ8=
=Xgos
-----END PGP SIGNATURE-----
Attachment:
pgpHw3lDolw0m.pgp
Description: PGP signature