-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 25 Oct 2021 13:29:14 +0200 Source: bind9 Architecture: source Version: 1:9.16.22-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Changes: bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high . * New upstream version 9.16.22 + CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This effectively disables the lame server cache, as it could previously be abused by an attacker to significantly degrade resolver performance. Checksums-Sha1: 522cc08a5e32ae10ca033796c7ffe4bcc5c6634e 3024 bind9_9.16.22-1~deb11u1.dsc 0d56f6a88532363757534566598c48a9f7072bfa 5059000 bind9_9.16.22.orig.tar.xz 5b5d8d4984f7392d8cf7ab9823e0306c94873c0d 78052 bind9_9.16.22-1~deb11u1.debian.tar.xz dc0672e15c5badaec384750cc06d4dc17829c27c 15195 bind9_9.16.22-1~deb11u1_amd64.buildinfo Checksums-Sha256: 0a094f1f5159fc2aa0d7c8552dc3d4ae55a3c3187ab5b1c51ee4d99df299c74b 3024 bind9_9.16.22-1~deb11u1.dsc 65e7b2af6479db346e2fc99bcfb6ec3240066468e09dbec575ebc7c57d994061 5059000 bind9_9.16.22.orig.tar.xz 19c381ca044a92b469b17344052f8c17d000dd07ca462694d56a86dde38abb58 78052 bind9_9.16.22-1~deb11u1.debian.tar.xz 8aebe45220b33f971c38784836b8ac8effd08d23e42d95a0cdbeb3011f3656e5 15195 bind9_9.16.22-1~deb11u1_amd64.buildinfo Files: 13aba6dadeb140f267751763ee01bae9 3024 net optional bind9_9.16.22-1~deb11u1.dsc 6a45478b33c04c830d4263635d8cd137 5059000 net optional bind9_9.16.22.orig.tar.xz 11efa6482d2b266ee8050feac0deb480 78052 net optional bind9_9.16.22-1~deb11u1.debian.tar.xz c22db222ddf7eaaa7296a04db83a237f 15195 net optional bind9_9.16.22-1~deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmF5r7hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcJ6EA//a02oVVJzVL5tA7Xjh61L8uYkLK7nl/tLOgOnuPOp9TOw++YWbhBMuN/f gL60Q5JiKp+U+uLdGaDVoIeJxp2e4QEpArZWNMKPksZ403fRir56S6+cYTQiMVVO /qMmGUFX2lh/7qbXFpy0UokTq+xtUu6MWWEh47umCqLNFfUfvj2d/SPg/wBqllur o4XEOffQCKuQNOOt11rSq6wdg25mWxEBlUAuFLOkkkdDOTeHggXkmXalMvFQieGs UKHtpkQpCZRuyOku/7BwUql9Ge0o34zUXB6mPwGDUUGhnOVOungMSlf/7CmChhyr R3XAcT4w0JVPcqZ3PXAPn611A0GOsyb9OBeqYg6DG3eJFJ2FS2oXfOjzq9fyZjb2 nuhLFkCOYRnA1zFFcpNBP7reyBQppuuFPYLNuJG8TxGp5XPxLxZL4MxZ+Mxcegz0 QX3qAmCaAPwhJhXDFVZWfFfxSlTWV7yWb8ksaA9NwpSxtgYpAojBQVo7DFQjCQIq GDG9LLnJY/TsEGiQU65+3C0FFZ8KgfDM7gR6qLQrrcMGpZIExmg2hlXn7lqUHykx ujEbpRqW2F164tmjorCP6DIpXe9RKzRFF9t8njF9mBurVKW2kYNt5AvvJI6MJNec cKZiUQQG2Sl+qpfv9i0KaHMH/h14nJoWR7+28SAFpQd9MPlckAw= =yN6n -----END PGP SIGNATURE-----