-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 14 Mar 2022 15:25:15 +0100 Source: bind9 Architecture: source Version: 1:9.16.27-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian DNS Team <team+...@tracker.debian.org> Changed-By: Ondřej Surý <ond...@debian.org> Changes: bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high . * New upstream version 9.16.27 * CVE-2022-0396: A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() to be called recursively, which in turn left TCP connections hanging in the CLOSE_WAIT state blocking indefinitely when out-of-order processing was disabled. * CVE-2021-25220: The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick * Remove patch to fix sphinx-build failure (fixed upstream) Checksums-Sha1: 47c0ec824c82cd36853346a51786f58b77bf5ee5 3268 bind9_9.16.27-1~deb11u1.dsc 29cfd63b5229bc95022d0e13f551d6bce4ef4dd1 5084340 bind9_9.16.27.orig.tar.xz 3b7b13ef8ad7a340afa1751c8c606207ade8f72c 874 bind9_9.16.27.orig.tar.xz.asc 4d16034502ecb3cfd76f4c9c3c16d8ac526956a0 78044 bind9_9.16.27-1~deb11u1.debian.tar.xz d4f56888a7dacf44115a9168437306298a4cdda6 15287 bind9_9.16.27-1~deb11u1_amd64.buildinfo Checksums-Sha256: b338c6b655309d1a7ac37caa578b1378f613ea3cec99d8b5cd38e6f135b56633 3268 bind9_9.16.27-1~deb11u1.dsc 90902aaf104c81019d75d6f8b2f7ec40fcd249406f894b44e4a9c6b5e08bf566 5084340 bind9_9.16.27.orig.tar.xz 54bef52d67a123d19b7df8be52237215ae26c2a27193d5cea0d8dc403272606b 874 bind9_9.16.27.orig.tar.xz.asc 732eca7086ba9496248cb08ca5cf7e449cb81451c0afbe431ea9dc4fcfc6a263 78044 bind9_9.16.27-1~deb11u1.debian.tar.xz 30f4089199fb7883fc80655a645a96fc461ca1ad48ba3366f02288d1ebf59b8b 15287 bind9_9.16.27-1~deb11u1_amd64.buildinfo Files: c377a71243ff86c76585d2c8a129fcb9 3268 net optional bind9_9.16.27-1~deb11u1.dsc db71eecaf698660da37581c42ce9f904 5084340 net optional bind9_9.16.27.orig.tar.xz 46d3f2d80e2d027220fb30a846061761 874 net optional bind9_9.16.27.orig.tar.xz.asc bdd84ec01fc21f67bf7cb0699f494a21 78044 net optional bind9_9.16.27-1~deb11u1.debian.tar.xz 4d205a195459bec495765575360d7e1f 15287 net optional bind9_9.16.27-1~deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmIvU6JfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcKX6w/+IKPSqn0UDyABHBU3CTHMmHbXvTImZrHJKte8MhFmVsllvEF5m9+LKEn9 kIfkxXYDtmnOY1zrR4VPd1UhDnXmEm4PtEDJytGwaufh7O8W0qPZ9thzCXuKgFEw +XaSgyu7BfkCedtmXdg8KePJV5rJyuO5kItI274/7qvKWsqw9Q3eWPs16dxHK5t5 rYeqx3Spf6B6M3ez5Mnr5/k1Fa3n8PelBV6h+Pj3lp8bNZF5ccwSZnLNcCbBda96 kZtYDwEQDHtj1JvIh0V19dSnuHPRf2JvS1o4Bb+HlMNqU2MZNif1t/zeDIszR6Jd E18JN1KptYEAqWwdcobHwtCRtvZVtI4WMSzgqvvxDyAsWTqsxPoflHgTJdIA/RCy P3wspZ0i88zUbEEvGPuLj5U4WRJCzM0A5eUF3JT9yUxPI584m+YKdwelEfoyTWdC 6eJRd3Bp/pcJNuWv4ARxX6mdHVy0nQfYozOnOwn5m3tT3qYHG0NT6OR0mF4iI81K ldXa6lJ/kuL+p4ZGFIbTyk7CiHoEA1tDGR0mR3KQqg51NUYswrUm+e1wyy+zqRiE RnCUa2Vli69/kV7gc92FTqyuYvsiFbfU0agKMUxVTYXs2WQIK3YCPW/5ynYS58yx 3b16HEhXdBPvIzZtNuATUt/GSG91ocDcCGmOQjBlZx2ZLlGfagc= =y750 -----END PGP SIGNATURE-----