UbuntuUpdates.org

Package "bind9"

Name: bind9

Description:

Internet Domain Name Server

Latest version: 1:9.16.1-0ubuntu2.7
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://www.isc.org/downloads/bind/

Links


Download "bind9"


Other versions of "bind9" in Focal

Repository Area Version
base main 1:9.16.1-0ubuntu2
base universe 1:9.16.1-0ubuntu2
security main 1:9.16.1-0ubuntu2.6
security universe 1:9.16.1-0ubuntu2.6
updates universe 1:9.16.1-0ubuntu2.7

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:9.16.1-0ubuntu2.7 2021-03-01 13:06:24 UTC

  bind9 (1:9.16.1-0ubuntu2.7) focal; urgency=medium

  * Fix a race between deactivating socket handle and processing
    async callbacks, which can lead to sockets not being closed
    properly, exhausting TCP connection limits. (LP: #1909950)
    - d/p/lp-1909950-fix-race-between-deactivating-handle-async-callback.patch

 -- Matthew Ruffell <email address hidden> Thu, 18 Feb 2021 16:28:44 +1300

Source diff to previous version
1909950 named: TCP connections sometimes never close due to race in socket teardown

Version: 1:9.16.1-0ubuntu2.6 2021-02-18 15:06:22 UTC

  bind9 (1:9.16.1-0ubuntu2.6) focal-security; urgency=medium

  * SECURITY UPDATE: off-by-one bug in ISC SPNEGO implementation
    - debian/patches/CVE-2020-8625.patch: properly calculate length in
      lib/dns/spnego.c.
    - CVE-2020-8625
  * This update does _not_ contain the changes from 1:9.16.1-0ubuntu2.5 in
    focal-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 16 Feb 2021 15:08:33 -0500

Source diff to previous version
CVE-2020-8625 BIND servers are vulnerable if they are running an affected version an ...

Version: 1:9.16.1-0ubuntu2.4 2020-10-26 11:06:19 UTC

  bind9 (1:9.16.1-0ubuntu2.4) focal; urgency=medium

  * Fix rare condition that can break bind9 with a crash (LP: #1896740)
    - 0003-Print-diagnostics-on-dns_name_issubdomain-failure-in.patch

 -- Christian Ehrhardt <email address hidden> Mon, 28 Sep 2020 12:30:22 +0200

Source diff to previous version
1896740 BIND crashes with failed assertion INSIST(dns_name_issubdomain(\u0026fctx-\u003ename, \u0026fctx-\u003edomain))

Version: 1:9.16.1-0ubuntu2.3 2020-08-21 14:06:23 UTC

  bind9 (1:9.16.1-0ubuntu2.3) focal-security; urgency=medium

  * SECURITY UPDATE: A specially crafted large TCP payload can trigger an
    assertion failure
    - debian/patches/CVE-2020-8620.patch: add extra checks to
      lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/netmgr.c,
      lib/isc/netmgr/tcp.c, lib/isc/netmgr/udp.c.
    - CVE-2020-8620
  * SECURITY UPDATE: Attempting QNAME minimization after forwarding can
    lead to an assertion failure
    - debian/patches/CVE-2020-8621.patch: disable QNAME minimization in
      lib/dns/resolver.c.
    - CVE-2020-8621
  * SECURITY UPDATE: A truncated TSIG response can lead to an assertion
    failure
    - debian/patches/CVE-2020-8622.patch: move code in lib/dns/message.c.
    - CVE-2020-8622
  * SECURITY UPDATE: A flaw in native PKCS#11 code can lead to a remotely
    triggerable assertion failure
    - debian/patches/CVE-2020-8623.patch: add extra checks in
      lib/dns/pkcs11rsa_link.c, lib/isc/include/pk11/internal.h,
      lib/isc/pk11.c.
    - CVE-2020-8623
  * SECURITY UPDATE: update-policy rules of type subdomain were enforced
    incorrectly
    - debian/patches/CVE-2020-8624.patch: add extra check in
      bin/named/zoneconf.c.
    - CVE-2020-8624

 -- Marc Deslauriers <email address hidden> Tue, 18 Aug 2020 07:38:53 -0400

Source diff to previous version

Version: 1:9.16.1-0ubuntu2.2 2020-06-17 23:07:12 UTC

  bind9 (1:9.16.1-0ubuntu2.2) focal-security; urgency=medium

  * SECURITY UPDATE: assertion when attempting to fill oversized TCP buffer
    - debian/patches/CVE-2020-8618.patch: add fix to lib/ns/client.c,
      lib/ns/include/ns/client.h, lib/ns/xfrout.c.
    - CVE-2020-8618
  * SECURITY UPDATE: INSIST failure when a zone with an interior wildcard
    label was queried in a certain pattern
    - debian/patches/CVE-2020-8619.patch: add fix to lib/dns/rbtdb.c.
    - CVE-2020-8619

 -- Marc Deslauriers <email address hidden> Tue, 16 Jun 2020 09:29:41 -0400

CVE-2020-8618 RESERVED
CVE-2020-8619 RESERVED



About   -   Send Feedback to @ubuntu_updates