Package "bind9"
Name: |
bind9
|
Description: |
Internet Domain Name Server
|
Latest version: |
1:9.18.30-0ubuntu0.22.04.1 |
Release: |
jammy (22.04) |
Level: |
proposed |
Repository: |
main |
Homepage: |
https://www.isc.org/downloads/bind/ |
Links
Download "bind9"
Other versions of "bind9" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
bind9 (1:9.18.12-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream releases 9.18.2 - 9.18.12 (LP: #2003586)
- Updates:
+ update-quota option
+ named -V shows supported cryptographic algorithms
+ Catalog Zones schema version 2 support in named
+ DNS error support Stale Answer and Stale NXDOMAIN Answer
+ Remote TLS certificate verification support
+ reusereport option
- Bug Fixes Include:
+ Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
+ Fix incomplete results using dig with +nssearch (LP: #1970252)
+ Fix loading of preinstalled plugins (LP: #2006972)
+ CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924,
CVE-2022-1183
+ Fix thread safety in dns_dispatch
+ Fix ADB quota management in resolver
+ Fix Prohibited DNS error on allow-recursion
+ Fix crash when restarting server with active statschannel connection
+ Fix use after free for catalog zone processing
+ Fix leak of dns_keyfileio_t objects
+ Fix nslookup failure to use port option when record type ANY is used
+ Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
+ Fix inheritance when setting remote server port
+ Fix assertion error when accessing statistics channel
+ Fix rndc dumpdb -expired for stuck cache
+ Fix check for other name servers after receiving FORMERR
+ Fix deletion of CDS after zone sign
+ Fix dighost query context management
+ Fix dig hanging due to IPv4 mapped IPv6 address
+ See https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
for additional bug fixes and information
* Improve dep-8 test suite (LP: #2003584):
- d/t/zonetest: Add dep8 test for checking the domain zone creation process
- d/t/control: Add new test outline
* d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
* Remove patches for bugs LP #1964400 and LP #1964686 fixed upstream:
- lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv
- lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the
- lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo
- lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh
- lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe
- lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC
- lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-
* Remove CVE patches fixed upstream:
- debian/patches/CVE-2022-1183.patch
[Included in upstream release 9.18.3]
- debian/patches/CVE-2022-2795.patch
- debian/patches/CVE-2022-2881.patch
- debian/patches/CVE-2022-2906.patch
- debian/patches/CVE-2022-3080.patch
- debian/patches/CVE-2022-38178.patch
[Included in upstream release 9.18.7]
- debian/patches/CVE-2022-3094.patch
- debian/patches/CVE-2022-3736.patch
- debian/patches/CVE-2022-3924.patch
[Included in upstream release 9.18.11]
-- Lena Voytek <email address hidden> Wed, 08 Mar 2023 12:08:55 -0700
|
2003586 |
MRE Updates 9.18.12 / 9.16.36 |
1258003 |
DiG crashes on +nssearch with +tcp in bind9 9.18 |
1970252 |
The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04 |
2006972 |
bind9 can't load preinstalled plugins |
2003584 |
Add better DEP-8 tests |
1964400 |
host crashes with SIGABRT in isc_assertion_failed() |
1964686 |
Command \ |
CVE-2022-2795 |
Processing large delegations may severely degrade resolver performance |
CVE-2022-2881 |
Buffer overread in statistics channel code |
CVE-2022-2906 |
Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs |
CVE-2022-3080 |
BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly |
CVE-2022-38178 |
Memory leaks in EdDSA DNSSEC verification code |
CVE-2022-3094 |
Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack |
CVE-2022-3736 |
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the |
CVE-2022-3924 |
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured wit |
CVE-2022-1183 |
RESERVED |
|
About
-
Send Feedback to @ubuntu_updates