Package "bind9-libs"

Name:	bind9-libs
Description:	Shared Libraries used by BIND 9
Latest version:	1:9.18.30-0ubuntu0.24.04.2
Release:	noble (24.04)
Level:	security
Repository:	main
Head package:	bind9
Homepage:	https://www.isc.org/downloads/bind/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "bind9-libs"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "bind9-libs" in Noble

Repository	Area	Version
base	main	1:9.18.24-0ubuntu5
updates	main	1:9.18.30-0ubuntu0.24.04.2

Changelog

Version: 1:9.18.30-0ubuntu0.24.04.2 2025-01-29 20:07:00 UTC

bind9 (1:9.18.30-0ubuntu0.24.04.2) noble-security; urgency=medium * SECURITY UPDATE: Many records in the additional section cause CPU exhaustion - debian/patches/CVE-2024-11187.patch: limit the additional processing for large RDATA sets in bin/tests/*, lib/dns/include/dns/rdataset.h, lib/dns/rbtdb.c, lib/dns/rdataset.c, lib/dns/resolver.c, lib/ns/query.c. - CVE-2024-11187 * SECURITY UPDATE: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load - debian/patches/CVE-2024-12705.patch: fix flooding issues in lib/isc/netmgr/http.c, lib/isc/netmgr/netmgr-int.h, lib/isc/netmgr/netmgr.c, lib/isc/netmgr/tcp.c, lib/isc/netmgr/tlsstream.c. - CVE-2024-12705 -- Marc Deslauriers <email address hidden> Tue, 28 Jan 2025 09:26:30 -0500

Source diff to previous version

CVE-2024-11187	Many records in the additional section cause CPU exhaustion
CVE-2024-12705	DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

Version: 1:9.18.28-0ubuntu0.24.04.1 2024-07-23 16:07:08 UTC

Version: 1:9.18.28-0ubuntu0.24.04.1	2024-07-23 16:07:08 UTC
bind9 (1:9.18.28-0ubuntu0.24.04.1) noble-security; urgency=medium * Updated to 9.18.28 to fix multiple security issues. - CVE-2024-0760: A flood of DNS messages over TCP may make the server unstable - CVE-2024-1737: BIND's database will be slow if a very large number of RRs exist at the same name - CVE-2024-1975: SIG(0) can be used to exhaust CPU resources - CVE-2024-4076: Assertion failure when serving both stale cache data and authoritative zone content -- Marc Deslauriers <email address hidden> Tue, 16 Jul 2024 14:16:20 -0400

bind9 (1:9.18.28-0ubuntu0.24.04.1) noble-security; urgency=medium * Updated to 9.18.28 to fix multiple security issues. - CVE-2024-0760: A flood of DNS messages over TCP may make the server unstable - CVE-2024-1737: BIND's database will be slow if a very large number of RRs exist at the same name - CVE-2024-1975: SIG(0) can be used to exhaust CPU resources - CVE-2024-4076: Assertion failure when serving both stale cache data and authoritative zone content -- Marc Deslauriers <email address hidden> Tue, 16 Jul 2024 14:16:20 -0400

About - Send Feedback to @ubuntu_updates

Package "bind9-libs"

Links

Download "bind9-libs"

Other versions of "bind9-libs" in Noble

Changelog

Share this page

Bookmarks

Latest updates

proposed

security

updates

PPA updates