Ubuntu
bind9 package

lp:ubuntu/oneiric-updates/bind9

Oneiric (11.10)
oneiric-updates

Created by Ubuntu Package Importer on 2011-11-17 and last modified on 2013-03-28

Get this branch:: bzr branch lp:ubuntu/oneiric-updates/bind9

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

46. By Marc Deslauriers on 2013-03-28: * SECURITY UPDATE: denial of service via regex syntax checking
  - configure,configure.in,config.h.in: remove check for regex.h to
    disable regex syntax checking.
  - CVE-2013-2266
45. By Marc Deslauriers on 2012-10-05: * SECURITY UPDATE: denial of service via specific combinations of RDATA
  - bin/named/query.c: fix logic
  - Patch backported from 9.8.3-P4
  - CVE-2012-5166
44. By Marc Deslauriers on 2012-09-12: * SECURITY UPDATE: denial of service via large crafted resource record
  - check length in lib/dns/include/dns/rdata.h,
    lib/dns/{master,rdata,rdataslab}.c.
  - Patch backported from 9.7.6-P3
  - CVE-2012-4244
43. By Marc Deslauriers on 2012-07-25: * SECURITY UPDATE: denial of service via dnssec validation load
  - lib/dns/resolver.c: don't use bad->expire before it has been set.
  - Patch backported from 9.7.6-P2.
  - CVE-2012-3817
42. By Marc Deslauriers on 2012-06-04: * SECURITY UPDATE: ghost domain names attack
  - lib/dns/rbtdb.c: Restrict the TTL of NS RRset to no more than that
    of the old NS RRset when replacing it.
  - Patch backported from 9.7.5.
  - CVE-2012-1033
* SECURITY UPDATE: denial of service via zero length rdata handling
  - lib/dns/rdata.c,lib/dns/rdataslab.c: use sentinel pointer for
    duplicate rdata.
  - Patch backported from 9.7.6-P1.
  - CVE-2012-1667
41. By Marc Deslauriers on 2011-11-16: * SECURITY UPDATE: denial of service via specially crafted packet
  - bin/named/query.c,lib/dns/rbtdb.c: correctly handle cache lookups
    that return RRSIG data associated with nonexistent records.
  - Patch backported from 9.7.4-P1.
  - CVE-2011-4313
40. By Martin Pitt on 2011-07-14: debian/apparmor-profile: Allow /var/run and /run. (LP: #810270)
39. By Marc Deslauriers on 2011-07-05: * SECURITY UPDATE: denial of service via specially crafted packet
  - lib/dns/include/dns/rdataset.h, lib/dns/{masterdump,message,ncache,
    nsec3,rbtdb,rdataset,resolver,validator}.c: Use an rdataset attribute
    flag to indicate negative-cache records rather than using rrtype 0.
  - Patch backported from 9.7.3-P3.
  - CVE-2011-2464
38. By Marc Deslauriers on 2011-05-27: * SECURITY UPDATE: denial of service via off-by-one
  - lib/dns/ncache.c: correctly validate length.
  - Patch backported from 9.7.3-P1.
  - CVE-2011-1910
37. By Marc Deslauriers on 2011-03-30: debian/rules, configure, contrib/dlz/config.dlz.in: use
DEB_HOST_MULTIARCH so we can find multiarch libraries and fix FTBFS.
(LP: #745642)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/precise/bind9

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntubind9 package