-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 20 Mar 2022 16:37:51 +0100 Source: bind9 Architecture: source Version: 1:9.16.27-1~deb11u1~bpo10+1 Distribution: buster-backports Urgency: high Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Bernhard Schmidt <berni@debian.org> Changes: bind9 (1:9.16.27-1~deb11u1~bpo10+1) buster-backports; urgency=high . * Rebuild for bullseye-backports. . bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high . * New upstream version 9.16.27 * CVE-2022-0396: A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() to be called recursively, which in turn left TCP connections hanging in the CLOSE_WAIT state blocking indefinitely when out-of-order processing was disabled. * CVE-2021-25220: The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick * Remove patch to fix sphinx-build failure (fixed upstream) Checksums-Sha1: a4905e69715f09ac4ae7d016b13b6f3d8a972ed5 3195 bind9_9.16.27-1~deb11u1~bpo10+1.dsc 29cfd63b5229bc95022d0e13f551d6bce4ef4dd1 5084340 bind9_9.16.27.orig.tar.xz 3b7b13ef8ad7a340afa1751c8c606207ade8f72c 874 bind9_9.16.27.orig.tar.xz.asc c10dbac11a5f57dccb85e53416b612cc744b8b26 78096 bind9_9.16.27-1~deb11u1~bpo10+1.debian.tar.xz 3faee446c9bcb6f55b77c2b8a93c1e85df1d6226 6469 bind9_9.16.27-1~deb11u1~bpo10+1_source.buildinfo Checksums-Sha256: 961d64fdbd1793823ecc0359bdcbc80989ca4d81091aa65bdc49fd3e02e03d9f 3195 bind9_9.16.27-1~deb11u1~bpo10+1.dsc 90902aaf104c81019d75d6f8b2f7ec40fcd249406f894b44e4a9c6b5e08bf566 5084340 bind9_9.16.27.orig.tar.xz 54bef52d67a123d19b7df8be52237215ae26c2a27193d5cea0d8dc403272606b 874 bind9_9.16.27.orig.tar.xz.asc 5fb263cb96bd3df94704a53c01284057cc5b4dde307978f227e1f06a1bbc8fa5 78096 bind9_9.16.27-1~deb11u1~bpo10+1.debian.tar.xz 8e1789cd700fb62a69cb23474dfa3c04811a1915cf36b2cd5b644848fa506d62 6469 bind9_9.16.27-1~deb11u1~bpo10+1_source.buildinfo Files: db6296e797469c7d6212e75941a2916c 3195 net optional bind9_9.16.27-1~deb11u1~bpo10+1.dsc db71eecaf698660da37581c42ce9f904 5084340 net optional bind9_9.16.27.orig.tar.xz 46d3f2d80e2d027220fb30a846061761 874 net optional bind9_9.16.27.orig.tar.xz.asc 39a60d3ab21840020b87329d4fcb6a9f 78096 net optional bind9_9.16.27-1~deb11u1~bpo10+1.debian.tar.xz 6c5c94457a4dcc7aae3428194247fcbd 6469 net optional bind9_9.16.27-1~deb11u1~bpo10+1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAmI3j94RHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJP6hhAApnAf5Va+F1yusTRs1RqHOl3dpaUSj7HR sXr/eAgTR6lksnVwqhmrPF7MXnKwx3ZHKjzzcVD+Wfnh4hr/WFmtRUpRu6kVvp2l fzpMBo/y2t9MXWW6zSdwB2TRQwLHL8fcZY3FsVzn9QpBGMyCEPxsjRJfwJL9radl 0SV88/d8VB0MsOs9khde7yf6g0y/ifUOM9BFXC0G2CHYlv2zj3DmbW+gYzey+1Ix hAsPU7Clw4CsOWSF5SqSsrYdjjf60zNrr2uC3rJdfpNRHIGZoyM7dB7Db7I8PmhS 0eO82bt/8Z7izVP/bwktCVt+6t8VRlXK/8KWvjxo4wDjFCMmA6x2E3CjupjXcPzb qHS0oGaxDVzEaC6d7HLQl1pXJ6lc3OaypdQ/oUxQ0/EZFyNQ92nKkStXrkmaKldd KWRw8o0toGsEiNtBaS6G7iltaNtgA+LtScOtEhuOuNO//WDNPBQGxacT4gNDFi5b GxoeWuP+wuOT676zcbvASMSBIyFDO3XpLakAGuQCNcLydceAX6eXTUemFCoQKvrw AO7rKtWpeu6h6lgKvi60fXTEkIOdn4YykbU1GL7ieTYKKXTxJ4ra14YA1n8ZW1Ip ZMxnRI1lKZd4+ovlCScQBnFAxCWsKnVGXq558sDSKvYeh6gOCw8NTbmdVzbljcgB nqBXksNb0AM= =hSpL -----END PGP SIGNATURE-----