Ubuntu
bind9 package

lp://staging/ubuntu/precise-security/bind9

Precise (12.04)
precise-security

Created by Ubuntu Package Importer on 2012-06-05 and last modified on 2015-09-01

Get this branch:: bzr branch lp://staging/ubuntu/precise-security/bind9

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

59. By Marc Deslauriers on 2015-09-01: * SECURITY UPDATE: denial of service in DNSSEC-signed record validation
  via malformed keys
  - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
    lib/dns/ncache.c, lib/dns/openssldh_link.c,
    lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
    lib/dns/resolver.c.
  - CVE-2015-5722
58. By Marc Deslauriers on 2015-07-27: * SECURITY UPDATE: denial of service in TKEY record query handling
  - lib/dns/tkey.c: clear out name before trying the answer section.
  - CVE-2015-5477
* SECURITY UPDATE: denial of service via AAAA record query
  - bin/named/query.c: arrange for RPZ rewriting of any A records.
  - CVE-2012-5689
57. By Marc Deslauriers on 2015-06-29: * SECURITY UPDATE: resolver DoS via specially crafted zone data
- lib/dns/validator.c: don't use uninitialized fixedname.
- CVE-2015-4620
56. By Marc Deslauriers on 2015-02-18: * SECURITY UPDATE: denial of service via revoking a managed trust anchor
  and supplying an untrusted replacement
  - lib/dns/zone.c: avoid crash due to managed-key rollover
  - Based on patch supplied by Evan Hunt <email address hidden>
  - CVE-2015-1349
55. By Marc Deslauriers on 2014-12-09: * SECURITY UPDATE: denial of service via delegation handling defect
  - limit max recursion in bin/named/config.c, bin/named/query.c,
    bin/named/server.c, lib/dns/adb.c, lib/dns/include/dns/adb.h,
    lib/dns/include/dns/resolver.h, lib/dns/resolver.c,
    lib/export/isc/Makefile.in, lib/isc/Makefile.in, lib/isc/counter.c,
    lib/isc/include/isc/counter.h, lib/isc/include/isc/Makefile.in,
    lib/isc/include/isc/types.h, lib/isc/tests/counter_test.c,
    lib/isccfg/namedconf.c.
  - Patch provided by upstream.
  - CVE-2014-8500
54. By Marc Deslauriers on 2014-01-10: * SECURITY UPDATE: denial of service when processing NSEC3-signed zone
  queries
  - debian/patches/CVE-2014-0591.patch: don't call memcpy with
    overlapping ranges in bin/named/query.c.
  - patch backported from 9.8.6-P2.
  - CVE-2014-0591
53. By Marc Deslauriers on 2013-07-26: * SECURITY UPDATE: denial of service via incorrect bounds checking on
  private type 'keydata'
  - lib/dns/rdata/generic/keydata_65533.c: check for correct length.
  - Patch backported from 9.8.5-P2
  - CVE-2013-4854
52. By Marc Deslauriers on 2013-03-28: * SECURITY UPDATE: denial of service via regex syntax checking
  - configure,configure.in,config.h.in: remove check for regex.h to
    disable regex syntax checking.
  - CVE-2013-2266
51. By Marc Deslauriers on 2012-12-05: * SECURITY UPDATE: denial of service via DNS64 and crafted query
  - bin/named/query.c: init rdataset before cleanup.
  - Patch backported from 9.8.4-P1
  - CVE-2012-5688
50. By Marc Deslauriers on 2012-10-05: * SECURITY UPDATE: denial of service via specific combinations of RDATA
  - bin/named/query.c: fix logic
  - Patch backported from 9.8.3-P4
  - CVE-2012-5166

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://staging/ubuntu/quantal/bind9

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntubind9 package