-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 23 Jul 2024 15:15:18 +0200 Source: bind9 Binary: bind9-doc bind9utils dnsutils Architecture: all Version: 1:9.16.50-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Ondřej Surý Description: bind9-doc - Documentation for BIND 9 bind9utils - Transitional package for bind9-utils dnsutils - Transitional package for bind9-dnsutils Changes: bind9 (1:9.16.50-1~deb11u1) bullseye-security; urgency=high . * Backported from BIND 9.18.28 + CVE-2024-1737: It is possible to craft excessively large resource records sets, which have the effect of slowing down database processing. This has been addressed by adding a fixed limit to the number of records that can be stored per name and type in a cache or zone database. + CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a fixed limit to the number of records that can be stored per name and type in a cache or zone database. + CVE-2024-1975: Validating DNS messages signed using the SIG(0) protocol could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version. + CVE-2024-4076: Due to a logic error, lookups that triggered serving stale data and required lookups in local authoritative zone data could have resulted in an assertion failure. Checksums-Sha1: 312604311860ee947fbeafc3db8fafbb1c018329 5153612 bind9-doc_9.16.50-1~deb11u1_all.deb 3536cd6e610a7593a9f81c919e2892f961d6d12b 11634 bind9_9.16.50-1~deb11u1_all-buildd.buildinfo 6afab1f96d6c8c089163ad143af203cd48248db4 270284 bind9utils_9.16.50-1~deb11u1_all.deb 55b1bd4a502ffb69764dbb29906569e5b173afa9 270280 dnsutils_9.16.50-1~deb11u1_all.deb Checksums-Sha256: 907abd59f75b4bc10e7649daa1c740bd415ad347f7073678758ece78e70d73a5 5153612 bind9-doc_9.16.50-1~deb11u1_all.deb f453be5b4098d55d2c10e435d0292d20d45ccbe76e43f4ed4857aa1fe66d4135 11634 bind9_9.16.50-1~deb11u1_all-buildd.buildinfo 64af4d7b3e4ce15d2f91f7dd65c50cfe913949afc784bb374ee96f84d7e10305 270284 bind9utils_9.16.50-1~deb11u1_all.deb 5bd71ea14016d6f466d95689ae33b853400505c7c5c8464d54d7be9b4d5b6d8c 270280 dnsutils_9.16.50-1~deb11u1_all.deb Files: d0e5a43c5df89a99a91c671c99301a8e 5153612 doc optional bind9-doc_9.16.50-1~deb11u1_all.deb 3991f603583feb9efd89773aee496539 11634 net optional bind9_9.16.50-1~deb11u1_all-buildd.buildinfo ec55c3999bd2fafcf19de698fc3362d5 270284 oldlibs optional bind9utils_9.16.50-1~deb11u1_all.deb 048219042c21c55cf72eadcbfb27be11 270280 oldlibs optional dnsutils_9.16.50-1~deb11u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmaf8REACgkQ4cagXJhO TXvyXA//fmalmhBHlaJJ31PSutzbBw3zJNVWUo8TpU7SefssUHL7J2Ybzm8uv4ZF nK19KMfuAI6CrbaG0W3irDFOB7K4q/1Nc9Pvg0zZ0Bo3b0FG0j6nmMH1OIdgRcHm mwO1/UicWQ9H0/rfqDLO8BiUcBlaThLO4o1jmQBvwADGOCpuRnX6UqjvURFg6gA2 8wzMVKwbOu4hUenxP898gGaIpmap8BrfAb9Bg2PxGndRA4T/G7JHWUXgvY9XmpX1 /Q7/omSQUFpgGfGlypdvfqxiw04+8jkpmEx8H49psRrpIdItsmyfxIkc80S0w7Jk nSvteZXoZUnMnSwwfl6uuVZt4qfQY+D1fpdMLZzGGiqAiDFPDvKjaGrAC6e9e0TX oJTdtoxZX1c2V3mF4bPOjtD9ycnHiKHrh+x+1yc9F9JrCFGiwf5MwHbo+1IobUof VsFA11fCmdboGSQsvYa7ut9ry532r1/RPXNZ2irYgZ5c1jp+2EdT9QNkzqDCfvqE sqQZts6tMk8bwfEa6LvpJ7oDaMO2WzO2xJdyL3XcQcCx4rn1ljoAp6fZ79xNnMtW TzURhQL5QWblmiWZ5JxnHE1ABq8dyl3JbrHNFSSnJyfA5/o28Z7gr3JCuc+1iiZP CoIgX2VSwqmhMKkmI8rWeeugFR2Vxb+7lJT8l506BhxJap1RPk4= =jN7D -----END PGP SIGNATURE-----