-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jul 2024 15:15:18 +0200
Source: bind9
Architecture: source
Version: 1:9.16.50-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian DNS Team <
team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <
ondrej@debian.org>
Changes:
bind9 (1:9.16.50-1~deb11u1) bullseye-security; urgency=high
.
* Backported from BIND 9.18.28
+ CVE-2024-1737: It is possible to craft excessively large resource
records sets, which have the effect of slowing down database
processing. This has been addressed by adding a fixed limit to
the number of records that can be stored per name and type in a cache
or zone database.
+ CVE-2024-1737: It is possible to craft excessively large numbers of
resource record types for a given owner name, which has the effect of
slowing down database processing. This has been addressed by adding a
fixed limit to the number of records that can be stored per
name and type in a cache or zone database.
+ CVE-2024-1975: Validating DNS messages signed using the SIG(0)
protocol could cause excessive CPU load, leading to a
denial-of-service condition. Support for SIG(0) message validation
was removed from this version.
+ CVE-2024-4076: Due to a logic error, lookups that triggered serving
stale data and required lookups in local authoritative zone data could
have resulted in an assertion failure.
Checksums-Sha1:
55b5b549a57e42f75a572c3b1217aeae4154f291 3266 bind9_9.16.50-1~deb11u1.dsc
a10542aaabad60bbbb8d19efd43591c98c01c277 5134620 bind9_9.16.50.orig.tar.xz
b0da42f81f0cf61e3daeaa08a86abd78e73d3937 833 bind9_9.16.50.orig.tar.xz.asc
abad697fbd1982acdad317ca21190efd2a49645a 68232 bind9_9.16.50-1~deb11u1.debian.tar.xz
17b19ea30951f91cbab2da7e81a852429c5fd697 15395 bind9_9.16.50-1~deb11u1_amd64.buildinfo
Checksums-Sha256:
fb3438fd1ee2458a6ec4fa6b578a82e0f910aeeee342ce9eb19e1c35ba0d8a84 3266 bind9_9.16.50-1~deb11u1.dsc
816dbaa3c115019f30fcebd9e8ef8f7637f4adde91c79daa099b035255a15795 5134620 bind9_9.16.50.orig.tar.xz
ea439870e59cb3b415a64d1f19a302f5c362538e4918a09528b22529426b4cc6 833 bind9_9.16.50.orig.tar.xz.asc
bb49d68b02ce77e7f1ae15fd872cc74cc5688d6408a12d511f322900509a96cd 68232 bind9_9.16.50-1~deb11u1.debian.tar.xz
a27799de17b836ff2391bb85e363b38be34dcc2ed240f1060a77181496b05c51 15395 bind9_9.16.50-1~deb11u1_amd64.buildinfo
Files:
b54bde5e7da6275f7bcd414874290eee 3266 net optional bind9_9.16.50-1~deb11u1.dsc
0aa065323f039e413d234736a727c00e 5134620 net optional bind9_9.16.50.orig.tar.xz
7621fdb8536f44e0df9680c251aa9e95 833 net optional bind9_9.16.50.orig.tar.xz.asc
8cea19c5caa010683922307f48c507a6 68232 net optional bind9_9.16.50-1~deb11u1.debian.tar.xz
2bb1e733c60fe8f26fe51d06042ee81b 15395 net optional bind9_9.16.50-1~deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmaf6ilfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcKVug//YtVG6bjuBle/o/Q/rc4E5PpQG8wTmlkP9Hdq/8b02k72fBiaCojY6V6s gdXNDxnAZOd4aAUhUC7hfppsmG4NzzwMLuzszvibxmwkptwSU7x1fs7LohnJDxSy ZGScSValkuwCVzMXXgEzcd02uABVRnMsKS03KJopkBJ15aysFUKQhkQKH15cHAny ZdSvAif8m2hB3iFqZZJGllx5Kp7KYZJXbl5o9YUQ6Llb2r+VflV2XaN8asJBUgK8 91pxw+fdzFHflT9BKHqUD4HS8KINA2Ol2Zf4iuGdu3rrPR2cKO5h0jyzt2Y4uCZY RCn8RX3W8xtmPKqKx90aqAA3L8ajoccMAm6veDw9kyAF+eQzQpB3ztEiNLf0EGwK 7ZITbCkJvE+uqGcrZJigNJduVDnx+h1hYUGC+Tt4A0i0Dal2V+eVE/N6a6n1lbvF ZKRaIgVdiXOI7rICvdG2urDGSNRuiUUm6wePJkpr4Iiu78itHM5zLFQlRkDwVN1d jb0xqvAYg4U8Hkr6hxrFQ+gMXCCTugLjOU5aF9ccgnHXxF3lFBEZuEz2lleq3qpX 7N78MtakJesxXow4ZI6DcjFKogrpc9Pek1VteXjn47QdIuWedb9cZ6YpmECmePwy QBNnMPS0L14nn1qveJcKeDwoorBVyRLlCaRk8IqYVO3bIYIr7LQ=
=ei4n
-----END PGP SIGNATURE-----
--==============H19737193502969138=Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZrWw+gAKCRCb9qggYcy5 IYppAP46ob9z9kyyVH+rwiam3MJGJyaKTWy1MsrXRuyUsxq7cwEAuH4TRNLaL6rg 43HBsPqzmI6BNx2VcF32b0l2TQcWRQU=UYyk
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)