-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 21 Sep 2022 12:48:36 +0200 Source: bind9 Architecture: source Version: 1:9.18.7-1 Distribution: unstable Urgency: medium Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Changes: bind9 (1:9.18.7-1) unstable; urgency=medium . * New upstream version 9.18.7 - CVE-2022-2795: Processing large delegations may severely degrade resolver performance - CVE-2022-2881: Buffer overread in statistics channel code - CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only) - CVE-2022-3080: BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly - CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code - CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code Checksums-Sha1: b65f5e5eb517a61d6d61fbc2ba865dd7a4d0be70 3268 bind9_9.18.7-1.dsc 18a648d21f399220dfd3d95dfd359fca58a3b548 5626820 bind9_9.18.7.orig.tar.xz 31afba84d3fd9608db3270989608d62caf8c2f91 833 bind9_9.18.7.orig.tar.xz.asc cecfc9efdecc240800f5914a14ae4da7431f9b65 79456 bind9_9.18.7-1.debian.tar.xz 00e78456bd5ec95ac9901ba84732dbfb3eacc5b4 15316 bind9_9.18.7-1_amd64.buildinfo Checksums-Sha256: 9011d9c82efdd9e5d201ba0a5979ba89d705849f8cf711cb2ec9399e26044a11 3268 bind9_9.18.7-1.dsc 9e2acf1698f49d70ad12ffbad39ec6716a7da524e9ebd98429c7c70ba1262981 5626820 bind9_9.18.7.orig.tar.xz b2a3f2f4df04a715efa13da4837ff4f29aa01700d341ce8078fafe9747b62246 833 bind9_9.18.7.orig.tar.xz.asc f1a1aba86ac49ee94d03f66e0c84e64420c06959a645e6fa2de0ca61d7794e21 79456 bind9_9.18.7-1.debian.tar.xz 1a6d47a483e30115a978f2e31f3e90d1ceee2dc39d41a57e90a09b7681b95169 15316 bind9_9.18.7-1_amd64.buildinfo Files: 4420165870472146e35a3845a88b7c49 3268 net optional bind9_9.18.7-1.dsc 50424bcd9c2c1a84ac32b400bc70cf3a 5626820 net optional bind9_9.18.7.orig.tar.xz 65ce615b9785e2f5d52d1e8f4b1ecb37 833 net optional bind9_9.18.7.orig.tar.xz.asc 90a77937feb962e2592807a6dfefd877 79456 net optional bind9_9.18.7-1.debian.tar.xz 20d644705196f7abb0a25a5382caed64 15316 net optional bind9_9.18.7-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKSBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmMq7mZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcKT4g/4pxr1TjHKaJmV+2oZZKBb8Ef+V+gzuuf06POzqS+vCFpq5BF9dWEXytPY 9OToaZEov0gRu812iTWdhE00gLUpSKYQB1IVCGxSIJwDfanDl7bkIfhRjl17AkTf PkBJ877fAo+qEMkcrASuNby5SQJRvKqeFyydnVBElMWGJvLVjELTyg3EFV4Uggk0 NqTEDboB5p6nLNPrb/U9irLWggopA1+Akfu/E8mbGmx7w8OAfCGYYRqZZqCxO3VE 6NxJO153TSqBgLYlM5+v82oJtIzvhIz0Q9RqrOT+9RUsFrmruX5T6BuXELbCEYzm xSW1B6wf1/pm6urYWUWogA37f3nv8KYwHR6bllM15HYEJs0/VTKlC56mdJOH0Awl 3JJaezw0HFinO93R/JguJV0ejtFgZ1QHD2i30PRjPt0wY1hnaprp49UnTR4Gzh4N VuDG51FHQTAiO44DeWCedUcP1TllwqdFcxuBSxCsKBmbP51pxxE2KXjbDIx4lm9i TaGSCqm9Or5am3uIWzFuZThrLgN2egKoh4opVSrqvKG6FPnuCmnzGfjg3h2TqpX0 J1BBEMSRfYV7qCpAbcwAIdfUvXJXE2qmzO3tB4XBO8vAxk5pdP4APlq1bB/Khtuc 9+1hGnHysEIb1l+5NDPyts9Nfo5MTruL0pJ+isZQeQeCegsmkA== =O+CK -----END PGP SIGNATURE-----