UbuntuUpdates.org

Package "bind9"




Name: bind9

Description:

Internet Domain Name Server
Latest version: *DELETED*
Release: jammy (22.04)
Level: proposed
Repository: main
Homepage: https://www.isc.org/downloads/bind/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "bind9"

APT INSTALL

Other versions of "bind9" in Jammy

Repository Area Version
base main 1:9.18.1-1ubuntu1
base universe 1:9.18.1-1ubuntu1
security main 1:9.18.18-0ubuntu0.22.04.2
security universe 1:9.18.18-0ubuntu0.22.04.2
updates main 1:9.18.24-0ubuntu0.22.04.1
updates universe 1:9.18.24-0ubuntu0.22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:9.18.12-0ubuntu0.22.04.1 2023-03-17 20:07:04 UTC

  bind9 (1:9.18.12-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream releases 9.18.2 - 9.18.12 (LP: #2003586)
    - Updates:
      + update-quota option
      + named -V shows supported cryptographic algorithms
      + Catalog Zones schema version 2 support in named
      + DNS error support Stale Answer and Stale NXDOMAIN Answer
      + Remote TLS certificate verification support
      + reusereport option
    - Bug Fixes Include:
      + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
      + Fix incomplete results using dig with +nssearch (LP: #1970252)
      + Fix loading of preinstalled plugins (LP: #2006972)
      + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
        CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924,
        CVE-2022-1183
      + Fix thread safety in dns_dispatch
      + Fix ADB quota management in resolver
      + Fix Prohibited DNS error on allow-recursion
      + Fix crash when restarting server with active statschannel connection
      + Fix use after free for catalog zone processing
      + Fix leak of dns_keyfileio_t objects
      + Fix nslookup failure to use port option when record type ANY is used
      + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
      + Fix inheritance when setting remote server port
      + Fix assertion error when accessing statistics channel
      + Fix rndc dumpdb -expired for stuck cache
      + Fix check for other name servers after receiving FORMERR
      + Fix deletion of CDS after zone sign
      + Fix dighost query context management
      + Fix dig hanging due to IPv4 mapped IPv6 address
      + See https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
        for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
    - d/t/zonetest: Add dep8 test for checking the domain zone creation process
    - d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * Remove patches for bugs LP #1964400 and LP #1964686 fixed upstream:
    - lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv
    - lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the
    - lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo
    - lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh
    - lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe
    - lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC
    - lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-
  * Remove CVE patches fixed upstream:
    - debian/patches/CVE-2022-1183.patch
      [Included in upstream release 9.18.3]
    - debian/patches/CVE-2022-2795.patch
    - debian/patches/CVE-2022-2881.patch
    - debian/patches/CVE-2022-2906.patch
    - debian/patches/CVE-2022-3080.patch
    - debian/patches/CVE-2022-38178.patch
      [Included in upstream release 9.18.7]
    - debian/patches/CVE-2022-3094.patch
    - debian/patches/CVE-2022-3736.patch
    - debian/patches/CVE-2022-3924.patch
      [Included in upstream release 9.18.11]

 -- Lena Voytek <email address hidden> Wed, 08 Mar 2023 12:08:55 -0700
2003586 MRE Updates 9.18.12 / 9.16.36
1258003 DiG crashes on +nssearch with +tcp in bind9 9.18
1970252 The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04
2006972 bind9 can't load preinstalled plugins
2003584 Add better DEP-8 tests
1964400 host crashes with SIGABRT in isc_assertion_failed()
1964686 Command \
CVE-2022-2795 Processing large delegations may severely degrade resolver performance
CVE-2022-2881 Buffer overread in statistics channel code
CVE-2022-2906 Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs
CVE-2022-3080 BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
CVE-2022-38178 Memory leaks in EdDSA DNSSEC verification code
CVE-2022-3094 Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack
CVE-2022-3736 BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the
CVE-2022-3924 This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured wit
CVE-2022-1183 RESERVED


About   -   Send Feedback to @ubuntu_updates