-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 30 Jun 2017 16:20:29 +0200 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-140 libdns162 libirs141 libisc160 liblwres141 libisccc140 libisccfg140 dnsutils lwresd libbind-export-dev libdns-export162 libdns-export162-udeb libisc-export160 libisc-export160-udeb libisccfg-export140 libisccc-export140 libisccc-export140-udeb libisccfg-export140-udeb libirs-export141 libirs-export141-udeb Architecture: source Version: 1:9.10.3.dfsg.P4-12.3+deb9u1 Distribution: stretch-security Urgency: high Maintainer: LaMont Jones <lamont@debian.org> Changed-By: Yves-Alexis Perez <corsac@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind-export-dev - Development files for the exported BIND libraries libbind9-140 - BIND9 Shared Library used by BIND libdns-export162 - Exported DNS Shared Library libdns-export162-udeb - Exported DNS library for debian-installer (udeb) libdns162 - DNS Shared Library used by BIND libirs-export141 - Exported IRS Shared Library libirs-export141-udeb - Exported IRS library for debian-installer (udeb) libirs141 - DNS Shared Library used by BIND libisc-export160 - Exported ISC Shared Library libisc-export160-udeb - Exported ISC library for debian-installer (udeb) libisc160 - ISC Shared Library used by BIND libisccc-export140 - Command Channel Library used by BIND libisccc-export140-udeb - Command Channel Library used by BIND (udeb) libisccc140 - Command Channel Library used by BIND libisccfg-export140 - Exported ISC CFG Shared Library libisccfg-export140-udeb - Exported ISC CFG library for debian-installer (udeb) libisccfg140 - Config File Handling Library used by BIND liblwres141 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Changes: bind9 (1:9.10.3.dfsg.P4-12.3+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * debian/patches: - debian/patches/CVE-2017-3142+CVE-2017-3143 added, fix TSIG bypasses CVE-2017-3142: error in TSIG authentication can permit unauthorized zone transfers. An attacker may be able to circumvent TSIG authentication of AXFR and Notify requests. CVE-2017-3143: error in TSIG authentication can permit unauthorized dynamic updates. An attacker may be able to forge a valid TSIG or SIG(0) signature for a dynamic update. Checksums-Sha1: 87d549996647e81402cb96a566ab9b4ad54d6a8c 3441 bind9_9.10.3.dfsg.P4-12.3+deb9u1.dsc 36d20fd54a67b1fbcb65277887bf150070207210 8641072 bind9_9.10.3.dfsg.P4.orig.tar.gz a6f16d92afbbd618c5cb30eb2dbdeba4c660ec73 84056 bind9_9.10.3.dfsg.P4-12.3+deb9u1.debian.tar.xz 2561e7f830890f09e2266debeb99dc39b2ca7fae 20637 bind9_9.10.3.dfsg.P4-12.3+deb9u1_amd64.buildinfo Checksums-Sha256: 85f1c3286e0476304ce064f3c614a4da8aa226e65cc626566061106dfaf0b80c 3441 bind9_9.10.3.dfsg.P4-12.3+deb9u1.dsc 895077c868d06eea39c1526624f2278a3b51a3358b5aa50f48a0f1c16a7ab6e6 8641072 bind9_9.10.3.dfsg.P4.orig.tar.gz eb9b493f87116257c13beb588fca2511b1e035d2e779f6b1f53a49ea74fb8978 84056 bind9_9.10.3.dfsg.P4-12.3+deb9u1.debian.tar.xz dbf55fc1632e8ddf683e5f047f914c794fdc7c5d9cd6719d1fd58fd538dd6f1d 20637 bind9_9.10.3.dfsg.P4-12.3+deb9u1_amd64.buildinfo Files: 2ce1b4b166e117104707b6fcf8a71691 3441 net optional bind9_9.10.3.dfsg.P4-12.3+deb9u1.dsc 909aa9f0c48b7c2d0d604ea78d9fc607 8641072 net optional bind9_9.10.3.dfsg.P4.orig.tar.gz 75c102ab27e1fc552e3959f4d3ca39de 84056 net optional bind9_9.10.3.dfsg.P4-12.3+deb9u1.debian.tar.xz 16260d244d0884e66737e8f30799980f 20637 net optional bind9_9.10.3.dfsg.P4-12.3+deb9u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEl0WwInMjgf6efq/1bdtT8qZ1wKUFAllWrCcACgkQbdtT8qZ1 wKWGbQf+LknhJNDGZbe8W/+ci0XESttXVb9OyoY+bqnLUnMm4/cm56SnNHjMhkzP swd2Kbe0pTt9unVPpLAJw9S1/gUEBsYFsJFiZt1xErQ05pnYaYL5SWOop156vm4U mbnNBXl3IikkTbP1SWJkxux16eMwm7gFMb98uuPsp0983VYeES4T8o8sckqfONzI IV0zW+lN8Y9GW6P3xlfDEY70NewXFoiPPPdUJ5Ql8kj4AMrOaSLTlSUuqx6rKC6I BTCdcRHYZpVSbnWIz73+AR0C7El5cBzeiHPEq0bysqr2Yuq4z2u7/4ZB9SQaYV9X 1nm6yLhsg1jy2Vm6qh4uGa4yYK6mcQ== =QR2/ -----END PGP SIGNATURE-----