From 1fe5029122c8d6aba0194d6b9b0ddcd1fde2ee8d Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Sun, 10 Apr 2022 22:51:10 +0200 Subject: [PATCH] package/bind: security bump to version 9.16.27 Fixes the following security issues: - The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. (CVE-2021-25220) - TCP connections with keep-response-order enabled could leave the TCP sockets in the CLOSE_WAIT state when the client did not properly shut down the connection. (CVE-2022-0396) Signed-off-by: Peter Korsgaard --- package/bind/bind.hash | 4 ++-- package/bind/bind.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/bind/bind.hash b/package/bind/bind.hash index 401e389e49..2c10a0429b 100644 --- a/package/bind/bind.hash +++ b/package/bind/bind.hash @@ -1,4 +1,4 @@ -# Verified from https://ftp.isc.org/isc/bind9/9.16.26/bind-9.16.26.tar.xz.asc +# Verified from https://ftp.isc.org/isc/bind9/9.16.27/bind-9.16.27.tar.xz.asc # with key AADBBA5074F1402F7B69D56BC5B4EE931A9F9DFD -sha256 70b39a5eb71650358ec9ba41da3050d32aeac0aeb4a466684b23f35affa7fb45 bind-9.16.26.tar.xz +sha256 90902aaf104c81019d75d6f8b2f7ec40fcd249406f894b44e4a9c6b5e08bf566 bind-9.16.27.tar.xz sha256 daf6f1eddf5983ed664a2d125b619e56e2e93917c19d0d41c7586ea153ba2155 COPYRIGHT diff --git a/package/bind/bind.mk b/package/bind/bind.mk index a595baabc5..5164001ab5 100644 --- a/package/bind/bind.mk +++ b/package/bind/bind.mk @@ -4,7 +4,7 @@ # ################################################################################ -BIND_VERSION = 9.16.26 +BIND_VERSION = 9.16.27 BIND_SOURCE= bind-$(BIND_VERSION).tar.xz BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION) # bind does not support parallel builds.