DNS rebinding protection is ineffective when BIND is configured as a forwarding DNS server
Bug #1873046 reported by
Andreas Hasenack
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bind9 (Ubuntu) |
Fix Released
|
Undecided
|
Andreas Hasenack |
Bug Description
This affects focal which is at 9.16.1 at the moment.
Upstream MP: https:/
Upstream released 9.16.2[1] with the fix, and of course other changes.
1. https:/
Related branches
~ahasenack/ubuntu/+source/bind9:groovy-bind-9.16.2-merge
- Rafael David Tinoco (community): Approve
- Canonical Server: Pending requested
- Canonical Server Core Reviewers: Pending requested
-
Diff: 1245 lines (+1064/-14)11 files modifieddebian/NEWS (+24/-0)
debian/bind9-dnsutils.install (+0/-2)
debian/bind9.apport (+24/-0)
debian/changelog (+843/-0)
debian/control (+4/-4)
debian/patches/CVE-2020-8616.patch (+137/-0)
debian/patches/CVE-2020-8617.patch (+27/-0)
debian/patches/series (+2/-0)
debian/rules (+2/-3)
debian/tests/control (+1/-1)
debian/tests/simpletest (+0/-4)
~ahasenack/ubuntu/+source/bind9:focal-bind9-rebinding-protection-fix
- Lucas Kanashiro (community): Approve
-
Diff: 70 lines (+49/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-rebinding-protection.patch (+41/-0)
debian/patches/series (+1/-0)
description: | updated |
Changed in bind9 (Ubuntu): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package bind9 - 1:9.16.1-0ubuntu2
---------------
bind9 (1:9.16.1-0ubuntu2) focal; urgency=medium
* d/p/fix- rebinding- protection. patch: fix rebinding protection bug
when using forwarder setups (LP: #1873046)
-- Andreas Hasenack <email address hidden> Wed, 15 Apr 2020 14:59:51 -0300