Package "libisc83"
Name: |
libisc83
|
Description: |
ISC Shared Library used by BIND
|
Latest version: |
1:9.8.1.dfsg.P1-4ubuntu0.32 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Head package: |
bind9 |
Links
Download "libisc83"
Other versions of "libisc83" in Precise
Changelog
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.32) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: off-by-one bug in ISC SPNEGO implementation
- properly calculate length in lib/dns/spnego.c.
- CVE-2020-8625
-- Avital Ostromich <email address hidden> Tue, 23 Feb 2021 18:56:07 -0500
|
Source diff to previous version |
CVE-2020-8625 |
BIND servers are vulnerable if they are running an affected version an ... |
|
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.22) precise-security; urgency=medium
* SECURITY UPDATE: Denial of Service due to an error handling
synthesized records when using DNS64 with "break-dnssec yes;"
- bin/named/query.c: reset noqname if query_dns64() called.
- CVE-2017-3136
* SECURITY UPDATE: Denial of Service due to resolver terminating when
processing a response packet containing a CNAME or DNAME
- lib/dns/resolver.c: don't expect a specific
ordering of answer components
- lib/dns/name.c: remove part of assertion that triggers in
dns_name_split() (partial cherrypick of upstream
dc3912f3caac1104fef441fd18571b7a975708ea
- bin/tests/system/dname/ns2/example.db,
bin/tests/system/dname/tests.sh: add testcases.
- CVE-2017-3137
* SECURITY UPDATE: Denial of Service when receiving a null command on
the control channel
- lib/isc/lex.c, lib/isc/include/isc/lex.h: don't throw an assert if no
command token is given
- CVE-2017-3138
-- Steve Beattie <email address hidden> Thu, 13 Apr 2017 00:02:24 -0700
|
Source diff to previous version |
CVE-2017-3136 |
An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" |
CVE-2017-3137 |
A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME |
CVE-2017-3138 |
named exits with a REQUIRE assertion failure if it receives a null command string on its control channel |
|
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.21) precise-security; urgency=medium
* SECURITY UPDATE: Combining dns64 and rpz can result in dereferencing
a NULL pointer
- bin/named/query.c, lib/dns/message.c, lib/dns/rdataset.c: properly
handle dns64 and rpz combination.
- CVE-2017-3135
* SECURITY UPDATE: regression in CVE-2016-8864
- lib/dns/resolver.c: synthesised CNAME before matching DNAME was still
being cached when it should have been,
- bin/tests/system/dname/ans3/ans.pl,
bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh:
added tests.
- No CVE number
-- Marc Deslauriers <email address hidden> Wed, 15 Feb 2017 10:36:42 -0500
|
Source diff to previous version |
CVE-2016-8864 |
A problem handling responses containing a DNAME answer can lead to an assertion failure |
|
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.20) precise-security; urgency=medium
* SECURITY UPDATE: assertion failure via class mismatch
- lib/dns/resolver.c: properly handle certain TKEY records.
- CVE-2016-9131
* SECURITY UPDATE: assertion failure via inconsistent DNSSEC information
- lib/dns/resolver.c: fix logic when records are returned without the
requested data.
- CVE-2016-9147
* SECURITY UPDATE: regression in CVE-2016-8864
- lib/dns/resolver.c: properly handle CNAME -> DNAME in responses,
added tests to bin/tests/system/dname/ns2/example.db,
bin/tests/system/dname/tests.sh.
- No CVE number
-- Marc Deslauriers <email address hidden> Mon, 09 Jan 2017 10:47:06 -0500
|
Source diff to previous version |
CVE-2016-9131 |
A malformed response to an ANY query can cause an assertion failure during recursion |
CVE-2016-9147 |
An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure |
CVE-2016-8864 |
A problem handling responses containing a DNAME answer can lead to an assertion failure |
|
bind9 (1:9.8.1.dfsg.P1-4ubuntu0.19) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via responses containing a DNAME
answer
- lib/dns/resolver.c: remove assertion failure.
- patch backported from 9.9.9-P4.
- CVE-2016-8864
-- Marc Deslauriers <email address hidden> Mon, 31 Oct 2016 09:00:00 -0400
|
CVE-2016-8864 |
A problem handling responses containing a DNAME answer can lead to an assertion failure |
|
About
-
Send Feedback to @ubuntu_updates