-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Jan 2023 16:22:22 +0100 Source: bind9 Architecture: source Version: 1:9.16.37-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Changes: bind9 (1:9.16.37-1~deb11u1) bullseye-security; urgency=high . * New upstream version 9.16.37 - CVE-2022-3094: An UPDATE message flood could cause named to exhaust all available memory. - CVE-2022-3736: named could crash with an assertion failure when an RRSIG query was received and stale-answer-client-timeout was set to a non-zero value. - CVE-2022-3924: named running as a resolver with the stale-answer-client-timeout option set to any value greater than 0 could crash with an assertion failure, when the recursive-clients soft quota was reached. Checksums-Sha1: a3b3d9fd5d801b9749607bee98855f4e90717591 3266 bind9_9.16.37-1~deb11u1.dsc 936f561ac991fbd909715fb2b2b1e1d178c9f898 5109440 bind9_9.16.37.orig.tar.xz 2942e250ac73bd67c92ee0962674cc3044d0ae52 833 bind9_9.16.37.orig.tar.xz.asc 9520a278d8d8c1d52bc5b6ed034d5413f8c2ab56 78716 bind9_9.16.37-1~deb11u1.debian.tar.xz 142a9f10c1c1ccc20d58c5d4cda861b2dd402c3d 15148 bind9_9.16.37-1~deb11u1_amd64.buildinfo Checksums-Sha256: bfd43568de7509289938f07a4bd2a162ded1292353b522fa1b2a63d71de08aa9 3266 bind9_9.16.37-1~deb11u1.dsc 0e4661d522a2fe1f111c1f0685e7d6993d657f81dae24e7a75dbd8db3ef2e2ab 5109440 bind9_9.16.37.orig.tar.xz 983358adca456af4c07378ce955063da8ed31f1d98062902ac24598ff90edc5f 833 bind9_9.16.37.orig.tar.xz.asc 850ff72527d0437fb648911199a52b33148d4a5d812e4c1f4af92ba01356972a 78716 bind9_9.16.37-1~deb11u1.debian.tar.xz d26d1a2763d79202796281df02add7286e748c5d761c738ff23a7f49cc102643 15148 bind9_9.16.37-1~deb11u1_amd64.buildinfo Files: dd2202bb8286de9765ac51437a443cbd 3266 net optional bind9_9.16.37-1~deb11u1.dsc 72c43e029f68a724005efe64cd18651e 5109440 net optional bind9_9.16.37.orig.tar.xz 58eb80efb1a42db81dcc258f76f9b6d1 833 net optional bind9_9.16.37.orig.tar.xz.asc d4cc55381b182847be9eaab02e76ed62 78716 net optional bind9_9.16.37-1~deb11u1.debian.tar.xz c780ca6dba51c0b230f15605a3645082 15148 net optional bind9_9.16.37-1~deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmPRS7xfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcK11w/9HPshLCdpRzyWiaPIy7hGuaQvIQ5Q35Nxalc3KjA/MQhRwI31VfItSB7h N0fxqinfGFGR3M0J7TdT1NJymPyMXHP2+BqUYes1HYK00Em4NHwmY4lcSr0x/Por dv84QQwxr3vRYIlzq6WYOsbHtYOSuBg7qd7sIl2dOm7qnKVdDcXAZ8jr3kGtDmsy 8VRqJ8dk0ZJXLhco/U0euxyjxjc2/8vhZdy9Jbmu6j88BAuK9tJ9UKPqMGptLWeW y1nZTS83yJBStgZRuXV7yyyBky9xNFyC6SJSt1i5Ca/FTpZeADOPWBg85TbBob7G byx5Zxd/DhIXPJB40t6CHQ6Cu9ywvD8Zr6CWkFzzVNk/4+0Dm1tMFCayH9aCdjnX 2j16Eh4qyO/s2KncnK7W/U6GnC/MZEikLdt3i8a5O9Zeut9SE21Q/pfRjrNtqwKI f3dwibIm68ORhSueWjMfUI3DWKa7vdZMqvE7bLJwFIyac2fQgOPN6sl956E5w6Xz zI+gQizk/I6ymhP9uFGJh1IrBgTX9msApjgxYJ5QbS/MFdSwKVDI8EdpY5bofDwU zS9NYajnqAIBtrhB6KxpukjYCkCr8ykyNVnECyrzOjRtdTpUdp7+7vSDUk2UR3Yv HGJaHi2E/TDYW2xY76Le2wmn01m2YT+FZ7XjWkHhzUAsr0IFrK4= =1GXO -----END PGP SIGNATURE-----