Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package bind for openSUSE:Factory checked in
at 2022-06-06 11:09:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bind (Old)
and /work/SRC/openSUSE:Factory/.bind.new.1548 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bind"
Mon Jun 6 11:09:52 2022 rev:179 rq:980817 version:9.18.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/bind/bind.changes 2022-05-17
17:23:45.927134562 +0200
+++ /work/SRC/openSUSE:Factory/.bind.new.1548/bind.changes 2022-06-06
11:09:54.043253625 +0200
@@ -1,0 +2,42 @@
+Thu May 19 07:32:31 UTC 2022 - Josef M??llers <josef.moell...@suse.com>
+
+- Upgrade to 9.18.3:
+ Bugs fixed:
+ * Fix a crash in DNS-over-HTTPS (DoH) code caused by premature
+ TLS stream socket object deletion.
+ * RPZ NSIP and NSDNAME rule processing didn't handle stub and
+ static-stub zones at or above the query name. This has now
+ been addressed.
+ * Fixed a deadlock that could occur if an rndc connection arrived
+ during the shutdown of network interfaces.
+ * Refactor the fctx_done() function to set fctx to NULL after
+ detaching, so that reference counting errors will be easier to
+ avoid.
+ * udp_recv() in dispatch could trigger an INSIST when the
+ callback's result indicated success but the response was
+ canceled in the meantime.
+ * Work around a jemalloc quirk which could trigger an
+ out-of-memory condition in named over time.
+ * If there was a pending negative cache DS entry, validations
+ depending upon it could fail.
+ * dig returned a 0 exit status on UDP connection failure.
+ * Fix an assertion failure when using dig with +nssearch and
+ +tcp options by starting the next query in the send_done()
+ callback (like in the UDP mode) instead of doing that
+ recursively in start_tcp(). Also ensure that queries
+ interrupted while connecting are detached properly.
+ * Don't remove CDS/CDNSKEY DELETE records on zone sign when
+ using 'auto-dnssec maintain;'.
+ This obsoletes the following patch:
+ bind-define-local-instances-of-FALLTHROUGH-and-UNREACHABLE.patch
+ [CVE-2022-1183, bsc#1199619]
+
+-------------------------------------------------------------------
+Tue May 17 12:06:17 UTC 2022 - Josef M??llers <josef.moell...@suse.com>
+
+- An assertion failure can be triggered if a TLS connection to a
+ configured http TLS listener with a defined endpoint is destroyed too
+ early.
+ [CVE-2022-1183, bsc#1199619, CVE-2022-1183.patch]
+
+-------------------------------------------------------------------
Old:
----
bind-9.18.2.tar.xz
bind-9.18.2.tar.xz.sha512.asc
bind-define-local-instances-of-FALLTHROUGH-and-UNREACHABLE.patch
New:
----
bind-9.18.3.tar.xz
bind-9.18.3.tar.xz.sha512.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bind.spec ++++++
--- /var/tmp/diff_new_pack.3wTAKu/_old 2022-06-06 11:09:54.799254719 +0200
+++ /var/tmp/diff_new_pack.3wTAKu/_new 2022-06-06 11:09:54.803254725 +0200
@@ -56,7 +56,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: bind
-Version: 9.18.2
+Version: 9.18.3
Release: 0
Summary: Domain Name System (DNS) Server (named)
License: MPL-2.0
@@ -75,7 +75,6 @@
# configuation file for systemd-sysusers
Source72: named.conf
Patch56: bind-ldapdump-use-valid-host.patch
-Patch57:
bind-define-local-instances-of-FALLTHROUGH-and-UNREACHABLE.patch
Patch58: bind-prevent-buffer-overflow.patch
BuildRequires: libcap-devel
BuildRequires: libopenssl-devel
++++++ bind-9.18.2.tar.xz -> bind-9.18.3.tar.xz ++++++
++++ 21939 lines of diff (skipped)
