-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jul 2024 17:22:50 +0200 Source: bind9 Architecture: source Version: 1:9.18.28-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian DNS Team <team+dns@tracker.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Changes: bind9 (1:9.18.28-1~deb12u1) bookworm-security; urgency=high . * New upstream version 9.18.28 - CVE-2024-0760: A flood of DNS messages over TCP may make the server unstable - CVE-2024-1737: BIND's database will be slow if a very large number of RRs exist at the same name - CVE-2024-1975: SIG(0) can be used to exhaust CPU resources - CVE-2024-4076: Assertion failure when serving both stale cache data and authoritative zone content Checksums-Sha1: aa2e2891678a85d9715218b50ba59ecc09c14c93 3081 bind9_9.18.28-1~deb12u1.dsc 409ea591b16c93e9518bc3b33b76f29f20498abb 5533340 bind9_9.18.28.orig.tar.xz 7e0b5f8062b0a16afc1eef8646216684da3744ee 60940 bind9_9.18.28-1~deb12u1.debian.tar.xz ebd5c752522c85f1587cfedb95bce51705019cbf 15532 bind9_9.18.28-1~deb12u1_amd64.buildinfo Checksums-Sha256: b38547c57d926d01d02277f72b034e2bb5cf301f9f60706096c3e2ea86d85c77 3081 bind9_9.18.28-1~deb12u1.dsc e7cce9a165f7b619eefc4832f0a8dc16b005d29e3890aed6008c506ea286a5e7 5533340 bind9_9.18.28.orig.tar.xz db1e53306698c913ea28dafd75ca82b0c714fb3df37bd56d9c6db3ec08e69dea 60940 bind9_9.18.28-1~deb12u1.debian.tar.xz 82ca30bbb206254c436f3639396c6ab3ab1aca4475e7b9090609d0a0f9e8e97e 15532 bind9_9.18.28-1~deb12u1_amd64.buildinfo Files: 381fa605480992fc332d0251e72516f5 3081 net optional bind9_9.18.28-1~deb12u1.dsc 8fc27fb04e6760aee166a05c6ffd19d5 5533340 net optional bind9_9.18.28.orig.tar.xz 3c60c59fff7f4eca343760d1604f28bc 60940 net optional bind9_9.18.28-1~deb12u1.debian.tar.xz ed5e47fd695c58ee04f7d519c9bd8d17 15532 net optional bind9_9.18.28-1~deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmaf5RlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcIOVRAArLg0dqhGRCwevmjW/kXN1NShqrcQ2NsfZMblN7PqgphUprquknfuyWiR mtv0bVAYOPeKTgu+XBPgvdXi5KAeFpk66LWc/HGQQk4grTpgc0II0lggAVC8Ih4X dW+ErOpeQHcfz/LpoRTqP32+BOKCjrewVaTmdlv6pTDSsd6s+kNrmcZUJUv7FUfj RJrMWztvfKbRw0Z+lDSWxpMbz7wn4xHT9wW24lExSSXxFWxwGJRlN2YQQcRBQKOs hswv5nDQ99Tqyrz6RCV1/6tw8HFj7U61uviinx1L0BUolD+9uramQ3wLzJ9NJAdM sHPm1YUhGW6z/xFyJdyJkSdngJ3HlFzS1UTC7JprNtH8BQZM/bSQe1QRHU/EJeRw brBxm9gfXuKksZAzxNUaqm+gngzqHfJsVm5R1slXh6jJrt+Y0cFbAGmMIMqNkAP8 cMz9kJPXiu9p1puFZ6CCO/ln0J4Km5gm+NcBurFxJ8f2XZEClBgw75b1z6ICHtvl kS6PKGKl2Nx8lFDRZ6LIRfZYX0zR+uNtMwAua5G7dSelbfgwP2k83DCJH6YvmsoY 5YIu1aEDwK49VBIAfZmdEJLzeE+KnwNDswG6XW5WJu1vNuF5ZttfV6zbKAeWzszv VwFDWg1+hCl/aq8Vs9o/5BfXI4v0m+1BSvjkbHVPdaWuh7IQjWo= =Qr/E -----END PGP SIGNATURE-----