From 7c27d1ddc69f680c163f83ff8da78d0af507eaa2ad667dd6fc6c5d513c5e6b84 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 15 Feb 2024 19:58:46 +0000 Subject: [PATCH] Updating link to change in openSUSE:Factory/bind revision 205 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=e2511210e538b1b02e5a3a15836c9d2f --- bind-9.18.21.tar.xz | 3 --- bind-9.18.21.tar.xz.asc | 16 ---------------- bind-9.18.24.tar.xz | 3 +++ bind-9.18.24.tar.xz.asc | 16 ++++++++++++++++ bind.changes | 40 ++++++++++++++++++++++++++++++++++++++++ bind.spec | 2 +- 6 files changed, 60 insertions(+), 20 deletions(-) delete mode 100644 bind-9.18.21.tar.xz delete mode 100644 bind-9.18.21.tar.xz.asc create mode 100644 bind-9.18.24.tar.xz create mode 100644 bind-9.18.24.tar.xz.asc diff --git a/bind-9.18.21.tar.xz b/bind-9.18.21.tar.xz deleted file mode 100644 index 159ce20..0000000 --- a/bind-9.18.21.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a556be22505d9ea4f9c6717aee9c549739c68498aff3ca69035787ecc648fec5 -size 5507132 diff --git a/bind-9.18.21.tar.xz.asc b/bind-9.18.21.tar.xz.asc deleted file mode 100644 index 16793c1..0000000 --- a/bind-9.18.21.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEcGtsKGIOdvkdEfffUQpkKgbFLOwFAmV3BGsACgkQUQpkKgbF -LOwu9w/+JciqKqT0JieUDwPzEhhulBCWEhbZFrHK6dFM5UkPHkaV79QkZAQEhnq1 -FXVEF99ZuTbz5s79wNAZ9I4AiU0al5RK1P5MwMBbjsQrfnkhmKnPIU1jx3FSVrCP -tC9l1xEjkLNi2vf28ZQ9KED2hUdqsgTZqDvgewEnrq1NtZ0K7ozz9nHQLfooDSJT -L5U9HDp3vf5BJWONjnKAPjJJdeRf7HPqokJVSjQcVxrT06VsMNUFFmyCbEJ0UTJm -mqDrRuEXhkAKf40DwMr0qGqiq5Q4m960yADEK1Aju/9cEf6Ag4FYyy70iyICe7Tj -T8qjVzzwboUJao3m/152+6qvzGXJKdUUZqCnNcCc2wmirmg/ES4DLLFyYYXBflj7 -hWCOLXeghF/785te4fmiH3gqcEZBEVcc0wl1HCL5m3q9kGutGgLJVOZgM5D6zf2T -0Sa60qIr5r+cKCS9OYowTH1+NqEsW4XhCVIe/RYEuXa3FFczIUbdGlUQ5t9ILBxi -zbZ04Tj0tecqUVkhoEYZfQzhHEa43LzxATdQ4Zc01USaxhbSFSoyG1+WP1tPD+PL -wqZA9tEuvKtngr/UP+BeLG0lWv5zbtShzM1V1cEg7JuoiI2onWstaN7NYXShiUMZ -oVYXIBbmNbXVmm2TYzt4mw9TotGWHkSNjPZGvvAYw/0mtcw6NXs= -=bzR1 ------END PGP SIGNATURE----- diff --git a/bind-9.18.24.tar.xz b/bind-9.18.24.tar.xz new file mode 100644 index 0000000..bf22de9 --- /dev/null +++ b/bind-9.18.24.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:709d73023c9115ddad3bab65b6c8c79a590196d0d114f5d0ca2533dbd52ddf66 +size 5515528 diff --git a/bind-9.18.24.tar.xz.asc b/bind-9.18.24.tar.xz.asc new file mode 100644 index 0000000..77d21d9 --- /dev/null +++ b/bind-9.18.24.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEcGtsKGIOdvkdEfffUQpkKgbFLOwFAmXI5VgACgkQUQpkKgbF +LOwcMA/+Ow94NYy2xIcuN2bqLtZLnfM8tWU3NL/mUJed/iYp//Q0CI3Q6pnLmPVY +1j5trMDmNGcDHFg1RN4GKtsZmRm4icjANyuqYA7Bcqb2Qr7cezbkbpGrY6AI7ex/ +wGtt5+OL+1aZgAQWZV35XVmyW7c+HJ1zQc28Ctfh7pRwOU+sit7OGvTSZZVPaY/Q +CzyOQnLE2lqpTZzcUT7m/ohHW7mYkf4GN+xRXuvD/TyAE+h3XetYdK03C8+lRY/y +r6KbucVG2hm/6L5u00s2mPMH68vTidQiT1YPMMHcWSAXZ51OcVJdLCg5CVCnXDIJ +O8PoUIs7cxvUstfdRGie7vyCwqsk9fwgH/9M+81OreizdxX7G/orKyzIfiBRxcMw +UHpuc0bMfZ3CWigo79q1FdXaSpC+RA+noBqoDJS6/eMl9M0mFOUwuNIsDbTqHoRK +tGJu9xFz4vjgisXIuXCyNEJfvzESRl/w7fAs90sumMiVrjxWw7JXAUsZfaMNQhI5 +LQedp+SGtrXQLUqLJe/nHeAKSuXKvf6ftgs5/nVBmLS/KPRfnciysDd7Vuu5+lFB +FrEQ4b6m80H7W0kwRdqPEiFcGGS3Zsiyi1SAERMudsoR/JiDGVMuSRuulRwJVQw4 +rpylvX+yCy7VRXQIIo4K65TAWtHLnld3Lp1fnrmHbzL9ZrE2exE= +=CnZp +-----END PGP SIGNATURE----- diff --git a/bind.changes b/bind.changes index a805b88..a3deacb 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,43 @@ +------------------------------------------------------------------- +Tue Feb 13 15:15:21 UTC 2024 - Jorik Cronenberg + +- Update to release 9.18.24 + Security Fixes: + * Validating DNS messages containing a lot of DNSSEC signatures + could cause excessive CPU load, leading to a denial-of-service + condition. This has been fixed. (CVE-2023-50387) + [bsc#1219823] + * Preparing an NSEC3 closest encloser proof could cause excessiv + CPU load, leading to a denial-of-service condition. This has + been fixed. (CVE-2023-50868) + [bsc#1219826] + * Parsing DNS messages with many different names could cause + excessive CPU load. This has been fixed. (CVE-2023-4408) + [bsc#1219851] + * Specific queries could cause named to crash with an assertion + failure when nxdomain-redirect was enabled. This has been + fixed. (CVE-2023-5517) + [bsc#1219852] + * A bad interaction between DNS64 and serve-stale could cause + named to crash with an assertion failure, when both of these + features were enabled. This has been fixed. (CVE-2023-5679) + [bsc#1219853] + * Query patterns that continuously triggered cache database + maintenance could cause an excessive amount of memory to be + allocated, exceeding max-cache-size and potentially leading to + all available memory on the host running named being exhausted + This has been fixed. (CVE-2023-6516) + [bsc#1219854] + * Under certain circumstances, the DNS-over-TLS client code + incorrectly attempted to process more than one DNS message at a + time, which could cause named to crash with an assertion + failure. This has been fixed. + + Bug Fixes: + * The counters exported via the statistics channel were changed + back to 64-bit signed values; they were being inadvertently + truncated to unsigned 32-bit values since BIND 9.15.0. + ------------------------------------------------------------------- Thu Jan 4 11:22:09 UTC 2024 - Jorik Cronenberg diff --git a/bind.spec b/bind.spec index 7c86273..ca4f609 100644 --- a/bind.spec +++ b/bind.spec @@ -56,7 +56,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: bind -Version: 9.18.21 +Version: 9.18.24 Release: 0 Summary: Domain Name System (DNS) Server (named) License: MPL-2.0