Public bug reported: Upstream: 9.20.3 Debian: 1:9.20.2-1 1:9.21.1-1 Ubuntu: 1:9.20.0-2ubuntu3
Debian new has 1:9.21.1-1, which may be available for merge soon. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Jammy Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### bind9 (1:9.20.2-1) unstable; urgency=medium * New upstream version 9.20.2 -- Ondřej Surý <[email protected]> Fri, 20 Sep 2024 14:35:10 +0200 bind9 (1:9.20.1-1) unstable; urgency=medium * New upstream version 9.20.1 -- Ondřej Surý <[email protected]> Wed, 21 Aug 2024 15:07:52 +0200 bind9 (1:9.20.0-2) unstable; urgency=medium * Fix the assertion failure in samba-libs DLZ module. (Closes: #1074378) -- Ondřej Surý <[email protected]> Sat, 27 Jul 2024 05:02:39 +0200 bind9 (1:9.20.0-1) unstable; urgency=high * New upstream version 9.20.0 - CVE-2024-0760: A flood of DNS messages over TCP may make the server unstable - CVE-2024-1737: BIND's database will be slow if a very large number of RRs exist at the same name - CVE-2024-1975: SIG(0) can be used to exhaust CPU resources - CVE-2024-4076: Assertion failure when serving both stale cache data and authoritative zone content -- Ondřej Surý <[email protected]> Tue, 16 Jul 2024 17:26:47 +0200 bind9 (1:9.19.24-185-g392e7199df2-1) unstable; urgency=medium * New upstream version 9.19.24-185-g392e7199df2 -- Ondřej Surý <[email protected]> Thu, 20 Jun 2024 15:11:56 +0200 bind9 (1:9.19.24-2) unstable; urgency=medium * Add dnssec-ksr tool to bind9-utils package -- Ondřej Surý <[email protected]> Wed, 15 May 2024 20:59:35 +0200 bind9 (1:9.19.24-1) unstable; urgency=medium * New upstream version 9.19.24 -- Ondřej Surý <[email protected]> Wed, 15 May 2024 19:55:59 +0200 bind9 (1:9.19.23-1) unstable; urgency=medium * New upstream version 9.19.23 -- Ondřej Surý <[email protected]> Wed, 17 Apr 2024 23:48:03 +0200 bind9 (1:9.19.22-1) unstable; urgency=medium * New upstream version 9.19.22 - A regression caused by CVE-2023-6516 fix could lead into an out-of-memory condition when the server is under heavy load. -- Ondřej Surý <[email protected]> Wed, 20 Mar 2024 14:17:43 +0100 bind9 (1:9.19.21-1) unstable; urgency=high [ Helmut Grohne ] * Drop unused Build-Depends: python3. (Closes: #1063448) [ Ondřej Surý ] * New upstream version 9.19.21 - CVE-2023-4408: Parsing large DNS messages may cause excessive CPU load - CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion failure when 'nxdomain-redirect' is enabled - CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution - CVE-2023-6516: Specific recursive query patterns may lead to an out-of-memory condition - CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator - CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust CPU resources -- Ondřej Surý <[email protected]> Mon, 12 Feb 2024 17:04:19 +0100 bind9 (1:9.19.19-1) unstable; urgency=medium [ Ondřej Surý ] * New upstream version 9.19.19 [ Bernhard Schmidt ] * Sync 9.18 to 9.19 (Closes: #1056984) -- Ondřej Surý <[email protected]> Wed, 20 Dec 2023 17:01:32 +0100 bind9 (1:9.19.18-1) unstable; urgency=medium * New upstream version 9.19.18 -- Ondřej Surý <[email protected]> Wed, 15 Nov 2023 17:51:18 +0100 ### Old Ubuntu Delta ### bind9 (1:9.20.0-2ubuntu3) oracular; urgency=medium * d/t/control: Disable dyndb-ldap test as bind-dyndb-ldap has been removed from Ubuntu for now (LP: #2078003). -- Lena Voytek <[email protected]> Wed, 28 Aug 2024 07:52:29 -0700 bind9 (1:9.20.0-2ubuntu2) oracular; urgency=medium * d/p/stop-using-malloc_usable_size.patch: Fix buffer overflows by removing memory size check implementations based on malloc_usable_size and malloc_size (LP: #2077327). -- Lena Voytek <[email protected]> Mon, 26 Aug 2024 11:23:58 -0700 bind9 (1:9.20.0-2ubuntu1) oracular; urgency=medium * Merge with Debian unstable to update to new 9.20 LTS Upstream release info: https://www.isc.org/blogs/2024-bind920/ * Remaining changes: - Don't build dnstap as it depends on universe packages: + d/control: drop build-depends on libfstrm-dev, libprotobuf-c-dev and protobuf-c-compiler (universe packages) + d/dnsutils.install: don't install dnstap + d/rules: don't build dnstap nor install dnstap.proto - Add back apport: + d/bind9.apport: add back old bind9 apport hook, but without calling attach_conffiles() since that is already done by apport itself, with confirmation from the user. + d/control, d/rules: build-depends on dh-apport and use it - d/control: remove optional libjemalloc-dev Build-Depends as it is not in main. - d/NEWS: mention relevant packaging changes - Improve dep-8 test suite (LP #2003584): + d/t/zonetest: Add dep8 test for checking the domain zone creation process + d/t/control: Add new test outline - d/po/de.po: Fix German UTF-8 encoding - d/copyright: Fix lintian warnings + Remove the entry for lib/isc/hp.c lib/isc/include/isc/hp.h as they were deleted in 9.18.2 + Remove the entry for lib/isc/include/pkcs11/pkcs11.h as it is no longer bundled as of 9.17.19 + Update the location of random_test.c and add info about its public domain section + Add wildcards to folders as needed + Note that m4/ uses the FSFAP license - d/control: Remove lsb-base dependency as it is no longer needed + See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019851 - d/t/control, d/t/dyndb-ldap: add DEP8 test (LP #2032650) - bind9-libs: Hard-code libuv1t64 instead of libuv1. * Dropped Changes: - d/p/always-use-standard-library-stdatomic.patch: Fixed upstream -- Lena Voytek <[email protected]> Mon, 12 Aug 2024 11:47:50 -0700 ** Affects: bind9 (Ubuntu) Importance: Undecided Status: Invalid ** Tags: needs-merge upgrade-software-version ** Changed in: bind9 (Ubuntu) Milestone: None => ubuntu-24.12 ** Changed in: bind9 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2110409 Title: Merge bind9 from Debian unstable for jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/2110409/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
