-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 19 Jan 2017 04:03:28 +0000 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-140 libdns162 libirs141 libisc160 liblwres141 libisccc140 libisccfg140 dnsutils lwresd libbind-export-dev libdns-export162 libdns-export162-udeb libisc-export160 libisc-export160-udeb libisccfg-export140 libisccc-export140 libisccc-export140-udeb libisccfg-export140-udeb libirs-export141 libirs-export141-udeb Architecture: source Version: 1:9.10.3.dfsg.P4-11 Distribution: unstable Urgency: medium Maintainer: LaMont Jones <lamont@debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind-export-dev - Development files for the exported BIND libraries libbind9-140 - BIND9 Shared Library used by BIND libdns-export162 - Exported DNS Shared Library libdns-export162-udeb - Exported DNS library for debian-installer (udeb) libdns162 - DNS Shared Library used by BIND libirs-export141 - Exported IRS Shared Library libirs-export141-udeb - Exported IRS library for debian-installer (udeb) libirs141 - DNS Shared Library used by BIND libisc-export160 - Exported ISC Shared Library libisc-export160-udeb - Exported ISC library for debian-installer (udeb) libisc160 - ISC Shared Library used by BIND libisccc-export140 - Command Channel Library used by BIND libisccc-export140-udeb - Command Channel Library used by BIND (udeb) libisccc140 - Command Channel Library used by BIND libisccfg-export140 - Exported ISC CFG Shared Library libisccfg-export140-udeb - Exported ISC CFG library for debian-installer (udeb) libisccfg140 - Config File Handling Library used by BIND liblwres141 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Closes: 828082 831796 839010 842858 848519 851062 851063 851065 Changes: bind9 (1:9.10.3.dfsg.P4-11) unstable; urgency=medium . * Fix some lintian warnings. * Add lsb-base dependency to lwresd (closes: #848519). * Fix CVE-2016-2775: crash in lwresd due to a long query name (closes: #831796). * Fix CVE-2016-2776: maliciously crafted query can cause named to crash (closes: #839010). * Fix CVE-2016-8864: incorrect handling of a DNAME record can cause named to crash (closes: #842858). * Fix CVE-2016-9131: maliciously crafted response to an ANY query can cause named to crash (closes: #851065). * Fix CVE-2016-9147: query with contradictory DNSSEC information can cause named to crash (closes: #851063). * Fix CVE-2016-9444: maliciously formed DNSSEC Delegation Signer (DS) record can cause named to crash (closes: #851062). * Openssl 1.1 is not yet supported, so build with openssl 1.0 for now (closes: #828082). . [ LaMont Jones ] * Update VCS fields in control. * -DDIG_SIGCHASE got dropped by the change in hardening. . [ Stefan Bader ] * Use the defaults file in systemd. Checksums-Sha1: ab07401804633455b7306f1e1339ba5ea4fd3e49 4445 bind9_9.10.3.dfsg.P4-11.dsc 4b7a849cd74c4fe16a10086c5bf20851f1929e2f 72400 bind9_9.10.3.dfsg.P4-11.debian.tar.xz Checksums-Sha256: 1b88dbe9dadc24cc929cd918a800d5d459f46cac6cbdb4d27e4d79c04ab04cec 4445 bind9_9.10.3.dfsg.P4-11.dsc 057d64b8e6c6461186cba1aaae20ffe48d38642d2dedd08973055051e2cd823c 72400 bind9_9.10.3.dfsg.P4-11.debian.tar.xz Files: f46552b04e1d0f460ca47311eb7630f7 4445 net optional bind9_9.10.3.dfsg.P4-11.dsc 8922bc6f78cac01f0eb01bff879e5bac 72400 net optional bind9_9.10.3.dfsg.P4-11.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAliEXHQACgkQuNayzQLW 9HNQ8yAAgoz2iojLTstzL0j6cV5SYchsP4kgrMRzYmtZNo6B08g0gQYvtW8DTZqK fELXm7owiA2Becw5fup28bMHWh/LtscPRlZtLp+43RoiulLSpFideGbvMAgbUMWc +okm5x842vZ36SQvPUA3T163dLL4DzIOWQI41aJC2B0+0oScghJhmRwpQQNXuup5 ZHbgR7nHn1aex37gLsckuHrqRbZ8U9FmF/vZIzKr8zqR5Uga8S1BneTQpkW8HBv3 8AMCmgxeKk7PY0lrBiEAfEL+r39x/vP0DIP6huJ/QaIpH7S/WbK7xXx2AsZG2p+h fuSppUMxfcb07cBNB+zJ+QII+S9I2eNJFFqe+qH8eSkh3DdXoe8EmXnLf7FF/Cew 2NfGHzfz/2WQPkdkkO0Z+m+BrGNeqM9nD2m16StV6wK4/7u8Mwi/d4eJ+0hJ7D7S SafFK83IZbgJoHg5xyqHOM9j8q0VL52/As+VLtbUd5qaF3B8sgzrITp/Dkn2ZYvW VkAsGyuN8l+VQktNIP6h1AsW5UzHTv/o7O55hjzydJDGYL1ROt17ewB9RetnvTDi 9r6SwtRnxIyawR1+23z3VwwU3iPahKaBJKDUf1fclPXdYibNPS9Oqon1I1FtrNzI d5iYEs9R31aaBpDdqgiUBotZCeMgAU+s9O552cVMVPyaTnyY8eeFZePyOQAgWV+2 siLPGqlX7HTcASAxvmi5XRWvNwwPPs21RG3LPNv7QNDYZ8ZaNIwv5UtMi78nz/jF YTJotTcOYaAzp9P/AOhl7HuCQkj8leyq7D3/aZS3CoyNsrE++9j8n4PfpleiOYVp c9KlDTYevKTCFtr8Y2swOLheqJpswuAxVWT68bx2JAUSRI5lBmF83Qn+dHr7ckCi zLsNVv/+21hC6iGOL39jcOrRDx7VMTAWdv8dMeaiOW9jINmFBQDp10awM2KpTs7m SEnbpuQ0wHzHEHyNQCLYBaQe6C/pGNZh6rDEu8JxMbux6xQkzTZ136BZYwiBSWqD ++PXlwbeSx/2DaUhjIDgWprWgm9ywNLw0aBjP0V6u5tzu1rOsQ0oiQyxUyzOFo7t tP3f0bWxn8AvNFZIxdtFEFIQrJIl2TTPM1SRX4Msq5ZVuxAJkuF+hlOjhmV1QEE1 vqeii45CpEUmzE0bbi/K1MhHBC8aVUWwMmwEu9omr9OH4niXqLoelGhn5juXH0fk us40Z8qWtYTDcdkvWR+3aaes7nowR7IgEKBNSbs8YfOLh3719nwi0AyxavYiOUhY 4ACFkLFIOI9Pa958YaBpdpyYqXNJ5NLGHad4nQRmeEB07y5Ru/yg021V/8bH8K+2 eSB/q3fpOMqfcAA6KDbAodocv0NK/g== =f9Oz -----END PGP SIGNATURE-----