Information on source package bind9

Available versions

ReleaseVersion
wheezy1:9.8.4.dfsg.P1-6+nmu2+deb7u10
wheezy (security)1:9.8.4.dfsg.P1-6+nmu2+deb7u17
jessie1:9.9.5.dfsg-9+deb8u12
jessie (security)1:9.9.5.dfsg-9+deb8u13
stretch1:9.10.3.dfsg.P4-12.3+deb9u1
stretch (security)1:9.10.3.dfsg.P4-12.3+deb9u2
buster1:9.10.3.dfsg.P4-12.4
sid1:9.10.3.dfsg.P4-12.5

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-6170vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x ...

Resolved issues

BugDescription
CVE-2017-3143An error in TSIG authentication can permit unauthorized dynamic updates
CVE-2017-3142An error in TSIG authentication can permit unauthorized zone transfers
CVE-2017-3141
CVE-2017-3140An error processing RPZ rules can cause named to loop endlessly after handling a query
CVE-2017-3139
CVE-2017-3138named exits with a REQUIRE assertion failure if it receives a null command string on its control channel
CVE-2017-3137A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME
CVE-2017-3136An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"
CVE-2017-3135Assertion failure when using DNS64 and RPZ can lead to crash
CVE-2016-9778An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c
CVE-2016-9444named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and ...
CVE-2016-9147named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows ...
CVE-2016-9131named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and ...
CVE-2016-8864named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and ...
CVE-2016-2848ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows ...
CVE-2016-2776buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before ...
CVE-2016-2775ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x ...
CVE-2016-2088resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS ...
CVE-2016-1286named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 ...
CVE-2016-1285named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does ...
CVE-2016-1284rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before ...
CVE-2015-8705buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug ...
CVE-2015-8704apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before ...
CVE-2015-8461Race condition in resolver.c in named in ISC BIND 9.9.8 before ...
CVE-2015-8000db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before ...
CVE-2015-5986openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x ...
CVE-2015-5722buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before ...
CVE-2015-5477named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 ...
CVE-2015-4620name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and ...
CVE-2015-1349named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x ...
CVE-2014-8680The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows ...
CVE-2014-8500ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through ...
CVE-2014-3859libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS ...
CVE-2014-3214The prefetch implementation in named in ISC BIND 9.10.0, when a ...
CVE-2014-0591The query_findclosestnsec3 function in query.c in named in ISC BIND ...
CVE-2013-6230The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ...
CVE-2013-4854The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x ...
CVE-2013-3919resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, ...
CVE-2013-2266libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before ...
CVE-2012-5689ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...
CVE-2012-5688ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...
CVE-2012-5166ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before ...
CVE-2012-4244ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before ...
CVE-2012-3868Race condition in the ns_client structure management in ISC BIND 9.9.x ...
CVE-2012-3817ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before ...
CVE-2012-1667ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before ...
CVE-2012-1033The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server ...
CVE-2011-4313query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, ...
CVE-2011-2465Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and ...
CVE-2011-2464Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, ...
CVE-2011-1910Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x ...
CVE-2011-1907ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...
CVE-2011-0414ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative ...
CVE-2010-3762ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...
CVE-2010-3615named in ISC BIND 9.7.2-P2 does not check all intended locations for ...
CVE-2010-3614named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...
CVE-2010-3613named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, ...
CVE-2010-0382ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before ...
CVE-2010-0290Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...
CVE-2010-0218ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...
CVE-2010-0213BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...
CVE-2010-0097ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before ...
CVE-2009-4022Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...
CVE-2009-0696The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 ...
CVE-2009-0265Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not ...
CVE-2009-0025BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check ...
CVE-2008-4163Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and ...
CVE-2008-1447The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...
CVE-2008-0122Off-by-one error in the inet_network function in libbind in ISC BIND ...
CVE-2007-6283Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key ...
CVE-2007-2926ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...
CVE-2007-2925The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and ...
CVE-2007-2241Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 ...
CVE-2007-0494ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 ...
CVE-2007-0493Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up ...
CVE-2006-4096BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to ...
CVE-2006-4095BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...
CVE-2006-2073Unspecified vulnerability in ISC BIND allows remote attackers to cause ...
CVE-2006-0987The default configuration of ISC BIND before 9.4.1-P1, when configured ...
CVE-2005-0364Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and ...
CVE-2005-0034An "incorrect assumption" in the authvalidated validator function in ...
CVE-2002-2211BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary ...
CVE-2002-1221BIND 8.x through 8.3.3 allows remote attackers to cause a denial of ...
CVE-2002-1220BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of ...
CVE-2002-1219Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 ...
CVE-2002-0029Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 ...

Security announcements

DSA / DLADescription
DSA-3904-2bind9 - regression update
DSA-3904-2bind9 - regression update
DLA-1025-1bind9 - security update
DSA-3904-1bind9 - security update
DSA-3904-1bind9 - security update
DLA-957-1bind9 - security update
DSA-3854-1bind9 - security update
DLA-843-1bind9 - security update
DSA-3795-1bind9 - security update
DLA-805-1bind9 - security update
DSA-3758-1bind9 - security update
DLA-696-1bind9 - security update
DSA-3703-1bind9 - security update
DLA-672-1bind9 - security update
DLA-645-1bind9 - security update
DSA-3680-1bind9 - security update
DSA-3511-1bind9 - security update
DSA-3511-1bind9 - security update
DSA-3449-1bind9 - security update
DSA-3449-1bind9 - security update
DLA-396-1bind9 - security update
DLA-370-1bind9 - security update
DSA-3420-1bind9 - security update
DSA-3420-1bind9 - security update
DLA-308-1bind9 - security update
DSA-3350-1bind9 - security update
DSA-3350-1bind9 - security update
DSA-3319-1bind9 - security update
DSA-3319-1bind9 - security update
DLA-285-1bind9 - security update
DLA-270-1bind9 - security update
DSA-3304-1bind9 - security update
DSA-3304-1bind9 - security update
DLA-163-1bind9 - security update
DSA-3162-1bind9 - security update
DLA-112-1bind9 - security update
DSA-3094-1bind9 - security update
DSA-3023-1bind9 - security update
DLA-48-1bind9 - security update
DSA-2728-1bind9 - denial of service
DSA-2728-1bind9 - denial of service
DSA-2656-1bind9 - denial of service
DSA-2560-1bind9 - denial of service
DSA-2547-1bind9 - improper assert
DSA-2517-1bind9 - denial of service
DSA-2486-1bind9 - denial of service
DSA-2347-1bind9 - improper assert
DSA-2347-1bind9 - improper assert
DSA-2272-1bind9 - denial of service
DSA-2272-1bind9 - denial of service
DSA-2244-1bind9 - wrong boundary condition
DSA-2244-1bind9 - wrong boundary condition
DSA-2208-1bind9 - denial of service
DSA-2130-1bind9 - denial of service
DSA-2054-1bind9 - cache poisoning
DSA-1961-1bind9 - cache poisoning
DSA-1961-1bind9 - cache poisoning
DSA-1847-1bind9 - denial of service
DSA-1847-1bind9 - denial of service
DSA-1703-1bind9 - cryptographic weakness
DSA-1603-1bind9 - cache poisoning
DSA-1341-2bind9 - DNS cache poisoning vulnerability
DSA-1341-2bind9 - DNS cache poisoning vulnerability
DSA-1254-1bind9
DSA-1172-1bind9 - programming error

Search for package or bug name: Reporting problems