Univention Bugzilla – Bug 51926
bind9: Multiple issues (4.4)
Last modified: 2020-09-02 11:40:04 CEST
New Debian bind9 1:9.10.3.dfsg.P4-12.3+deb9u7A~4.4.5.202008301702 fixes:

This update addresses the following issues:
* truncated TSIG response can lead to an assertion failure (CVE-2020-8622)
* remotely triggerable assertion failure in pk11.c (CVE-2020-8623)
--- mirror/ftp/4.4/unmaintained/4.4-5/source/bind9_9.10.3.dfsg.P4-12.3+deb9u6A~4.4.4.202005250914.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/bind9_9.10.3.dfsg.P4-12.3+deb9u7A~4.4.5.202008301702.dsc @@ -1,4 +1,4 @@ -1:9.10.3.dfsg.P4-12.3+deb9u6A~4.4.4.202005250914 [Mon, 25 May 2020 09:14:59 +0200] Univention builddaemon <buildd@univention.de>: +1:9.10.3.dfsg.P4-12.3+deb9u7A~4.4.5.202008301702 [Sun, 30 Aug 2020 17:05:14 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 0001-Bug-22478-build-bind-with-libdb4.8 @@ -17,6 +17,17 @@ 0014-Bug-42389-Fix-crash-on-shutdown 0016-Bug-46526-Fix-memory-leak +1:9.10.3.dfsg.P4-12.3+deb9u7 [Wed, 26 Aug 2020 20:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2020-8622 + Crafted responses to TSIG-signed requests could lead to an assertion + failure, causing the server to exit. This could be done by malicious + server operators or guessing attackers. + * CVE-2020-8623 + An assertions failure, causing the server to exit, can be exploited by + a query for an RSA signed zone. + 1:9.10.3.dfsg.P4-12.3+deb9u6 [Thu, 14 May 2020 13:00:44 +0200] Ondřej Surý <ondrej@debian.org>: * [CVE-2020-8616]: Fix NXNSATTACK amplification attack on BIND 9 <http://10.200.17.11/4.4-5/#8151361931159110737>
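Review bot: In the second hunk, the added 1:9.10.3.dfsg.P4-12.3+deb9u7 changelog entry lists CVE-2020-8622 and CVE-2020-8623 but names no patch file for either fix, unlike the Univention section above it (0014-Bug-42389-Fix-crash-on-shutdown, 0016-Bug-46526-Fix-memory-leak), so this .dsc changelog diff alone does not show that the fixes are present in the source; check the package's patch series for both CVEs before release. The entry also reads "An assertions failure" where "An assertion failure" is meant, and it drops the "[CVE-2020-8616]:" bracket style of the deb9u6 entry that follows, which makes the CVE ids harder to search for consistently. Since the entry is marked "Non-maintainer upload by the LTS Team", those wording points are for the Debian changelog rather than the UCS rebuild.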
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-5] 06b8adfa81 Bug #51926: bind9 1:9.10.3.dfsg.P4-12.3+deb9u7A~4.4.5.202008301702
 doc/errata/staging/bind9.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

[4.4-5] 9855c58698 Bug #51926: bind9 1:9.10.3.dfsg.P4-12.3+deb9u7A~4.4.5.202008301702
 doc/errata/staging/bind9.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x727>