-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 15 May 2019 16:32:55 +0200 Source: bind9 Architecture: source Version: 1:9.11.5.P4+dfsg-5~bpo9+1 Distribution: stretch-backports Urgency: medium Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Bernhard Schmidt <berni@debian.org> Closes: 905177 920530 923984 927827 927932 927962 928398 Changes: bind9 (1:9.11.5.P4+dfsg-5~bpo9+1) stretch-backports; urgency=medium . * Rebuild for stretch-backports. . bind9 (1:9.11.5.P4+dfsg-5) unstable; urgency=medium . * AppArmor: Allow /var/tmp/krb5_* (owner-only) for Samba AD DLZ. Thanks to Steven Monai (Closes: 928398) . bind9 (1:9.11.5.P4+dfsg-4) unstable; urgency=medium . [ Bernhard Schmidt ] * AppArmor: Also add /var/lib/samba/bind-dns/dns/** (Closes: #927827) . [ Ondřej Surý ] * [CVE-2018-5743]: Limiting simultaneous TCP clients is ineffective (Closes: #927932) * Update symbols file for new symbol in libisc * Enable EDDSA again, but disable broken Ed448 support (Closes: #927962) . bind9 (1:9.11.5.P4+dfsg-3) unstable; urgency=medium . * More fixes to the AppArmor policy for Samba AD DLZ - allow access to /dev/urandom - allow locking for dns.keytab - fix path to smb.conf . bind9 (1:9.11.5.P4+dfsg-2) unstable; urgency=medium . [ Ondřej Surý ] * Update d/gbp.conf for Debian Buster . [ Bernhard Schmidt ] * Cherry-Pick upstream commit to prevent dnssec-keymgr from immediately expiring and deleting old DNSSEC keys when being run for the first time (Closes: #923984) * Update AppArmor policy for Samba AD DLZ - Add changed default location for named.conf - Allow read/mmap on some Samba libraries Thanks to Steven Monai (Closes: #920530) . [ Andreas Beckmann ] * bind9.preinst: cope with ancient conffile named.conf.options (Closes: #905177) Checksums-Sha1: 8d4c98ebed707f902dd37ff1d1d6ba7bd4f3a15e 3960 bind9_9.11.5.P4+dfsg-5~bpo9+1.dsc 5f3c14b760a987b5353c04d939fa0f91533a0c57 3956484 bind9_9.11.5.P4+dfsg.orig.tar.xz 7d9d14154210dacdc67f4c289e604de7114b1f59 103536 bind9_9.11.5.P4+dfsg-5~bpo9+1.debian.tar.xz 1c47e02c2c0a67a677e2316d5e1ee670c43c5d65 6260 bind9_9.11.5.P4+dfsg-5~bpo9+1_source.buildinfo Checksums-Sha256: a0abc0100fb66ab8cc26b9291fe1bf6cdeb3e2b6b251429238b323fdc201e42b 3960 bind9_9.11.5.P4+dfsg-5~bpo9+1.dsc 34b20e4e17875d5c4280d52264bae08f527e38eb6bcfca431432b0cafcd03c6d 3956484 bind9_9.11.5.P4+dfsg.orig.tar.xz 30517615c5b24b3c345ea4173b4c2ee826492fbefc8009452eeb908e1cb4af07 103536 bind9_9.11.5.P4+dfsg-5~bpo9+1.debian.tar.xz 047924cc39ae0c0e0ae2acf4f8285a55a1f010efd1d47c5691655e072040555a 6260 bind9_9.11.5.P4+dfsg-5~bpo9+1_source.buildinfo Files: 50b48c483dda5ebdccd473a69c33e51a 3960 net optional bind9_9.11.5.P4+dfsg-5~bpo9+1.dsc b59921f04a722b0a30fab88dcf256449 3956484 net optional bind9_9.11.5.P4+dfsg.orig.tar.xz 66724e732014f670a24994fe7ffd92b9 103536 net optional bind9_9.11.5.P4+dfsg-5~bpo9+1.debian.tar.xz 6136784c5892640350a154fadbe99076 6260 net optional bind9_9.11.5.P4+dfsg-5~bpo9+1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAlzcKAcRHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJNv/w//TNopgKUXUZP5GU1kfBwQk+JMlfzovVQJ Klt7vTItD1sreS9ihF/ZLiVlTKudUU1ZTKLDUdG7moZUeET1NGFyx6VQOyAr67xh xkTdkVptUMo8EM3fznk9m/261lTwN4y7omYJYZhpITHl89ExIKUPO2PY04pLPtD/ E5Aqr4mEmpr+nQ5OLQWFGIBRapw6EuguO+R5f3XWWnKvueWw+WLraST5Rcfh1P99 rvp50GperBHUygHUGRMliNpi7up6Mr6qfAE0vft21hyDxjUc9o7VAnXmp2QNziX/ fm5gM8jS5+C3olnja7S00Z/POCkztZUQiFQ/sb/qsI6/9pyChrX18T5nRAIMYoln wNkVPibTY5QavTIrvqXs6y6p/IfXyVglpYBxbudlezl7PmF7rW5q1piKoe1DvoMq G5VpLs0WVpJdDdMR1p/Xjq1EWtYPDVUbt3nmsAgZmuJiOpDfrvtoPnsomo1/HEmx lZwxlZVpNihh5EQ0IrtExUBwQmDhJ2Tq5LlXgM3IFBSPshNoxQUCyCve9WfLn1nm zP2pX42LH2RpllNmldz991s+tONhch8ilLPUEl3D2oYU4KFKCUzGQbD1Jpj2xjLi k9TfW9wXhNhb9qTKEyxoAOXnmoua5uFvgN81TP6EpYPftv5EhOlB4TiQr5iuiluM IamJw3+V/VI= =7h46 -----END PGP SIGNATURE-----
