Univention Bugzilla – Bug 57301
bind9: Multiple issues (5.0)
Last modified: 2024-05-22 13:00:18 CEST
New Debian bind9 1:9.11.5.P4+dfsg-5.1+deb10u11A~5.0.7.202405201000 fixes: This update addresses the following issues: 1:9.11.5.P4+dfsg-5.1+deb10u11 (Fri, 17 May 2024 12:43:53 -0300) * Non-maintainer upload by the LTS Team. [ Ola Lundqvist ] * CVE-2023-50387 and CVE-2023-50868 Specific DNS answers could cause a denial-of-service condition due to DNS validation taking a long time. (CVE-2023-50387) The same code change also addresses another problem: preparing NSEC3 closest encloser proofs could exhaust available CPU resources. (CVE-2023-50868) [ Santiago Ruano Rincón ] * Add debian/gbp.conf to match buster branches * Correct the use of the debian revision in the newly added symbols in libdns1104.symbols
--- mirror/ftp/pool/main/b/bind9/bind9_9.11.5.P4+dfsg-5.1+deb10u10A~5.0.6.202402081617.dsc +++ apt/ucs_5.0-0-errata5.0-7/source/bind9_9.11.5.P4+dfsg-5.1+deb10u11A~5.0.7.202405211119.dsc @@ -1,4 +1,4 @@ -1:9.11.5.P4+dfsg-5.1+deb10u10A~5.0.6.202402081617 [Thu, 08 Feb 2024 16:17:43 +0100] Univention builddaemon <buildd@univention.de>: +1:9.11.5.P4+dfsg-5.1+deb10u11A~5.0.7.202405211119 [Tue, 21 May 2024 11:19:55 -0000] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 0001-Bug-22478-build-bind-with-libdb4.8.patch @@ -19,6 +19,24 @@ 0017-Bug-51786-fix-apparmor-profile.patch 0018-Bug-55163-fix-resolver-priming-query.quilt +1:9.11.5.P4+dfsg-5.1+deb10u11 [Fri, 17 May 2024 12:43:53 -0300] Santiago Ruano Rincón <santiago@freexian.com>: + + * Non-maintainer upload by the LTS Team. + + [ Ola Lundqvist ] + * CVE-2023-50387 and CVE-2023-50868 + Specific DNS answers could cause a denial-of-service + condition due to DNS validation taking a long time. + (CVE-2023-50387) + The same code change also addresses another problem: + preparing NSEC3 closest encloser proofs could exhaust + available CPU resources. (CVE-2023-50868) + + [ Santiago Ruano Rincón ] + * Add debian/gbp.conf to match buster branches + * Correct the use of the debian revision in the newly added symbols in + libdns1104.symbols + 1:9.11.5.P4+dfsg-5.1+deb10u10 [Mon, 29 Jan 2024 22:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-7/#7470781319620409179>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-7] cd4f00d5f3 Bug #57301: bind9 1:9.11.5.P4+dfsg-5.1+deb10u11A~5.0.7.202405211119 doc/errata/staging/bind9.yaml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) [5.0-7] 2aac3aad2d Bug #57301: bind9 1:9.11.5.P4+dfsg-5.1+deb10u11A~5.0.7.202405211119 doc/errata/staging/bind9.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1051>