Accepted bind9 1:9.16.15-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 29 Apr 2021 09:11:32 +0200
Source: bind9
Architecture: source
Version: 1:9.16.15-1
Distribution: unstable
Urgency: high
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Closes: 987741 987742 987743
Changes:
bind9 (1:9.16.15-1) unstable; urgency=high
.
* New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
+ CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
assertion failure in ``named``, causing it to quit abnormally.
+ CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
ANSWER section during DNAME chasing turned out to be the final
answer to a client query.
+ CVE-2021-25216: When a server's configuration set the
``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
specially crafted GSS-TSIG query could cause a buffer overflow in
the ISC implementation of SPNEGO (a protocol enabling negotiation of
the security mechanism used for GSSAPI authentication).
* Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance
Checksums-Sha1:
5f9d70519d693dbbf48c18ec7fa8da726810e10c 3236 bind9_9.16.15-1.dsc
5d68bbd1ff452708d45f2d4ef832faa3a1690fc7 5025688 bind9_9.16.15.orig.tar.xz
4926e0c0f0f2b667cf021a1f857f97b6280c8d1c 833 bind9_9.16.15.orig.tar.xz.asc
7c07b37263e067be9b08305982ef76f8bc67a94b 89700 bind9_9.16.15-1.debian.tar.xz
631b63a5be9a133fe2b35e3a2bc57a2dde7ff04f 15062 bind9_9.16.15-1_amd64.buildinfo
Checksums-Sha256:
758b08d2917f3610bdc0b481fa81540bd29b1052de8721cbb99ab379ba3d7036 3236 bind9_9.16.15-1.dsc
98b6f432d878a7bf8f57eb7b3c28be27278cf6b9989154bfe6c81104b38e7839 5025688 bind9_9.16.15.orig.tar.xz
55628031d8c5697707e1f8ad3d8033f72ffb987cdc392d578ec4bc89c968822e 833 bind9_9.16.15.orig.tar.xz.asc
8af2c74d4a1a6ea8e3d8cc88b14248d9b447711da9dda3ce6eaee0edd485d87b 89700 bind9_9.16.15-1.debian.tar.xz
3f92cec2331f52a55d923d3e1202b8c60f3028b59b396e29f34696dbcdcb79a0 15062 bind9_9.16.15-1_amd64.buildinfo
Files:
43334d6c45321a1dc5f355a446979657 3236 net optional bind9_9.16.15-1.dsc
6c6e5bb21763161bc68665b8729b3630 5025688 net optional bind9_9.16.15.orig.tar.xz
a2e6a9234cd8726fd389e82dea656fec 833 net optional bind9_9.16.15.orig.tar.xz.asc
61004a2ae5bb8a04e7137c188a5ccb5f 89700 net optional bind9_9.16.15-1.debian.tar.xz
6e225c8fbbbb2db806eb1ad895165d44 15062 net optional bind9_9.16.15-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmCKeENfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcI9pw//f8nlyKjLDpty4Sr6U9fNK6sWUu4dGPuvh5pQvx2pnH9sigExMqnlWkfe
lzqVvB02ywc+R7V63N5DzKLzbY/vLg0DPc4qLPMInw7wjFFul4rGNZ67noJlxgye
Kkr/cxRaPHs2LKIeGOiRcmrJwphl25mPPMAzT/rF6JwobyjlOc9DB6hMDt/14rEO
afQdy5pPrIb+8ExykS+2beKUuMhNA0rGu/cuSq8x08nZP3K7Snd2ZmcMrlAnut8K
AroNxBIZYaUefXn345/M/ocYFYH35yN041nMhxCUYWJQMPKfsKjeniH1Kxvmobnn
JxnaSXd2Jw4ZTxsdckJ33c3eruRaoYTBX6Bi+POrObiW3vDed6xC5izvQXW8qWO8
JpY6xOPgVX6HCpX7fVZ/ryE/p1HgZWPvBIi6izAggRm8YaMAjmGv7sVDFOL6obXm
aYYff+Hq9eHoYtT4jjZBaUjZQR4W+VT4kxmA8qahUqtNgl4Ue7axierF64NEfYb0
/EJRbaUlz457rF6U6PLFvjLmRwKxaqOwcoQg6HQ9HPYWjsxgciwhDWoSoKUUvgKg
PX4eQp+5r9L4SRV88wdKuLtUFlMyAH2jOnXQyfLqIWfsKrDJTAWWqVxDed5CHAbn
0jWGRCXxBBVdzbDs5TzojbD0S2MLiR0RiESeLINgyJJDlaTSLww=
=gcxm
-----END PGP SIGNATURE-----
Reply to: