-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 23 Jul 2024 15:15:18 +0200 Source: bind9 Binary: bind9 bind9-dbgsym bind9-dev bind9-dnsutils bind9-dnsutils-dbgsym bind9-host bind9-host-dbgsym bind9-libs bind9-libs-dbgsym bind9-utils bind9-utils-dbgsym Architecture: i386 Version: 1:9.16.50-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Ondřej Surý Description: bind9 - Internet Domain Name Server bind9-dev - Static Libraries and Headers used by BIND 9 bind9-dnsutils - Clients provided with BIND 9 bind9-host - DNS Lookup Utility bind9-libs - Shared Libraries used by BIND 9 bind9-utils - Utilities for BIND 9 Changes: bind9 (1:9.16.50-1~deb11u1) bullseye-security; urgency=high . * Backported from BIND 9.18.28 + CVE-2024-1737: It is possible to craft excessively large resource records sets, which have the effect of slowing down database processing. This has been addressed by adding a fixed limit to the number of records that can be stored per name and type in a cache or zone database. + CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a fixed limit to the number of records that can be stored per name and type in a cache or zone database. + CVE-2024-1975: Validating DNS messages signed using the SIG(0) protocol could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version. + CVE-2024-4076: Due to a logic error, lookups that triggered serving stale data and required lookups in local authoritative zone data could have resulted in an assertion failure. Checksums-Sha1: f7cf513d68bc72842a19c3140bfa1ccd75524bea 448484 bind9-dbgsym_9.16.50-1~deb11u1_i386.deb c28a1c013d92c1e498a72cd6e4db258c0c5c27e2 1931276 bind9-dev_9.16.50-1~deb11u1_i386.deb dc1971778a0cb256d46a678935cbfed64647f6e1 251352 bind9-dnsutils-dbgsym_9.16.50-1~deb11u1_i386.deb e31717bcd597b1336c1631df1966ab598b14ea43 414264 bind9-dnsutils_9.16.50-1~deb11u1_i386.deb 51cc1bbb82517e0dc81d56d31cd2aec5bd9b757d 70444 bind9-host-dbgsym_9.16.50-1~deb11u1_i386.deb 1baa8ca60977d658eba26772fbca5bce96a3e9d0 314680 bind9-host_9.16.50-1~deb11u1_i386.deb d110906cd790408756a153c3167f5bad2bf05471 2807308 bind9-libs-dbgsym_9.16.50-1~deb11u1_i386.deb 4ca24b78353458becb2a330d29353eed8305cdcc 1513204 bind9-libs_9.16.50-1~deb11u1_i386.deb 7e5c58b05543b4b8add8ab05a4d50f13b4959a80 231756 bind9-utils-dbgsym_9.16.50-1~deb11u1_i386.deb 85f39e7bead29d6cd0de00adc17e1fd0c836caa0 442604 bind9-utils_9.16.50-1~deb11u1_i386.deb 8a58ca4d7e703cfa9ffe5decbf15ddcb70a2a57a 10882 bind9_9.16.50-1~deb11u1_i386-buildd.buildinfo 4db98f7ae14c6be1d9cb251c7f7f86832d77bd01 513628 bind9_9.16.50-1~deb11u1_i386.deb Checksums-Sha256: d06a424f65d0f67c07da827f22db4b5073cd42aed345587f0b731707d2ff7fda 448484 bind9-dbgsym_9.16.50-1~deb11u1_i386.deb 8b7c76c52deaad7990ac4fb8340aed55fd12d9f9e2d39ad37661711877308034 1931276 bind9-dev_9.16.50-1~deb11u1_i386.deb 52710597362023ac379a8e53457068dde4a0481a0b562826854d721a0cb13ed9 251352 bind9-dnsutils-dbgsym_9.16.50-1~deb11u1_i386.deb 5120ad0a039c31dcb1e5405d77644c9fa3666877c450bf229ce40f6bb1903d63 414264 bind9-dnsutils_9.16.50-1~deb11u1_i386.deb 5a8db40476bc8a141fdd8dd3c321c10d32e7ea4798166e41aee2e767e484ce0b 70444 bind9-host-dbgsym_9.16.50-1~deb11u1_i386.deb 20f044ba499d43e27ac29e64ae054f3d7d8a5037d813644dbe6b2c07e7875d9c 314680 bind9-host_9.16.50-1~deb11u1_i386.deb bb1d10f1a8a7f9d5dbf766b70b77ec7cb434c0b8d3af91b4c807dd80aa27a90c 2807308 bind9-libs-dbgsym_9.16.50-1~deb11u1_i386.deb db6aa236c775f24e699a51cbb0bcb9124998030f47139456587e17e82e18ada0 1513204 bind9-libs_9.16.50-1~deb11u1_i386.deb 96188f27f7bd36e41f13120c940dbbf0fc6de6a0967ea43bd5b9abe838c92f85 231756 bind9-utils-dbgsym_9.16.50-1~deb11u1_i386.deb 2603c21a51df8cd3839050d0574a980eb6a372c1034e7949019af6b8faac0881 442604 bind9-utils_9.16.50-1~deb11u1_i386.deb f407b3b0ef01e09e0aef6c52034393fec25f13a5a52cddb87c08513593818721 10882 bind9_9.16.50-1~deb11u1_i386-buildd.buildinfo 4b5e06a6c050700fcc1857cd609da6bd61a6f94055e0d212f37517d7c642bb7e 513628 bind9_9.16.50-1~deb11u1_i386.deb Files: d88462ea43f7aa1f1ff823d587fec834 448484 debug optional bind9-dbgsym_9.16.50-1~deb11u1_i386.deb 3b99711146c4fe9afb00c6bb6c6bf115 1931276 devel optional bind9-dev_9.16.50-1~deb11u1_i386.deb b0ded438f670cf571e355162d2568265 251352 debug optional bind9-dnsutils-dbgsym_9.16.50-1~deb11u1_i386.deb 4dbab36d21f615a704c3405ec8d4edd0 414264 net standard bind9-dnsutils_9.16.50-1~deb11u1_i386.deb 079e9e14ff3ee821d82b8d494e64435c 70444 debug optional bind9-host-dbgsym_9.16.50-1~deb11u1_i386.deb 7ad3a1e1e21d02fcd6f94a2468dc29b9 314680 net standard bind9-host_9.16.50-1~deb11u1_i386.deb f4f0530409edbe45827535ff2e20e6b4 2807308 debug optional bind9-libs-dbgsym_9.16.50-1~deb11u1_i386.deb e5eb6b4ad7381577e8d464b17496019c 1513204 libs standard bind9-libs_9.16.50-1~deb11u1_i386.deb b38e311ba73a9ac03782507baeeb67ac 231756 debug optional bind9-utils-dbgsym_9.16.50-1~deb11u1_i386.deb 069f6890309748c671c54dc1edab2b4d 442604 net optional bind9-utils_9.16.50-1~deb11u1_i386.deb adb494ebc81b4a3a4632d026cc9ac210 10882 net optional bind9_9.16.50-1~deb11u1_i386-buildd.buildinfo 859dc737648c208dadae6430f5ab6fcc 513628 net optional bind9_9.16.50-1~deb11u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEyTfXx8sBpQ0Lh3cUU9a0/LcaTpMFAmaf8ToACgkQU9a0/Lca TpND3RAAhhqueyxtatrXpKqEKj296d+xW/F3FWHJaI0iWjcQqJf7nZnUS/MhOs8d sn1IqNlo59JcXAWlh5hh1mHd+7lU+HvxptcoyPQgi1oz78jY0FNu57W1TTYcHl2m yVLaVs3h/1uB7D7gBjtFjJb+Q8XnRqhJMeP9eY+qT3BeZMXFQiPBDlSR7DT3mume R9jysh5tgzSO2cupkz7C5I55JA2C130Oiu7v/DovUILvj6T3EaoAmDuDtrXw8JR6 i7gmb7QKcMrMHfHxw7LAj2wQ82/ADyHO4wFTKucSlnpEFaOgpH0HAEAmFfPoyAe5 qxN/unduMSgdoe8XXZCYLBOVrfK6iMtWLFNpZzd6sprMB535F5lOFAz8KTkVRlWw OkhM35B42i7VfsBAZ7Z/sMqvqyczldBFDVNexlL1gMB21nZVsk2Y/w+80bW2+AFV ove2zGV4sQBfIJsvW4CqCCD2jSWuy42ZCJww5tkMJfWwyT6gKQTSxwltJ/XmODW0 wfs4PjZEg2y5KY4Jq+DnSBNNTYNxqNn1u0YETGGD6PfZPu1DvUJ6IwMC05TIgYNz h6G77oETEf5Zh00lNosun844G/afP0r0W8MtqAQCOljQQkbJZhg0YZPCSpFDasyV GTI8rMbI3i0+UfKErT0FItaBhZ+1k9i+MV8BAakiQwQQyQY5C/o= =S7BE -----END PGP SIGNATURE-----