-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 06 Nov 2010 11:34:33 -0600
Source: bind9
Binary: bind9 bind9utils bind9-doc bind9-host libbind-dev libbind9-50 libdns55 libisc50 liblwres50 libisccc50 libisccfg50 dnsutils lwresd
Architecture: hppa
Version: 1:9.6.ESV.R2+dfsg-0+lenny1
Distribution: stable
Urgency: low
Maintainer: hppa Build Daemon (peri) <buildd_hppa-peri@buildd.debian.org>
Changed-By: LaMont Jones <lamont@debian.org>
Description: 
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 libbind-dev - Static Libraries and Headers used by BIND
 libbind9-50 - BIND9 Shared Library used by BIND
 libdns55   - DNS Shared Library used by BIND
 libisc50   - ISC Shared Library used by BIND
 libisccc50 - Command Channel Library used by BIND
 libisccfg50 - Config File Handling Library used by BIND
 liblwres50 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Changes: 
 bind9 (1:9.6.ESV.R2+dfsg-0+lenny1) stable-security; urgency=low
 .
   [Internet Software Consortium, Inc]
 .
   * v9.6-ESV-R2.  Addresses CVE-2010-3762
     - Check that named successfully skips NSEC3 records that fail to match
       the NSEC3PARAM record currently in use. [RT# 21868]
     - Worked around an apparent race condition in over memory conditions.
       Without this fix a DNS cache DB or ADB could incorrectly stay in an
       over memory state, effectively refusing further caching, which
       subsequently made a BIND 9 caching server unworkable.  This fix
       prevents this problem from happening by polling the state of the
       memory context, rather than making a copy of the state, which
       appeared to cause a race.  This is a "workaround" in that it doesn't
       solve the possible race per se, but several experiments proved this
       change solves the symptom.  Also, the polling overhead hasn't been
       reported to be an issue.  This bug should only affect a caching
       server that specifies a finite max-cache-size.  It's also quite
       likely that the bug happens only when enabling threads, but it's not
       confirmed yet. [RT #21818]
     - Named failed to accept uncachable negative responses from insecure
       zones. [RT# 21555]
     - The resolver could attempt to destroy a fetch context too soon.
       [RT #19878]
     - The placeholder negative caching element was not properly constructed
       triggering a INSIST in dns_ncache_towire(). [RT #21346]
     - Handle the introduction of new trusted-keys and DS, DLV RRsets better.
       [RT #21097]
     - Fix arguments to dns_keytable_findnextkeynode() call.  [RT #20877]
     - Named could return SERVFAIL for negative responses from unsigned
       zones. [RT #21131]
     - Handle broken DNSSEC trust chains better. [RT #15619]
 .
   [LaMont Jones]
 .
   * meta: drop verisoned depends from library packages, for less upgrade pain
   * cleanup libisc version number.  It should be libisc50, not libisc52 or
     libisc53
Checksums-Sha1: 
 009a2624446b067ffc3d312059e52472c0f16109 299734 bind9_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 433e1f06fdd883500e9422b716f57ff125836839 113624 bind9utils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 505cdaa89df059ca9c3183ef13dcd5907347606f 66836 bind9-host_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 d77d70df0fc1d82a8a692ccf32d5539feb77b5d7 1543006 libbind-dev_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 659dc0e6c3035d393b1fd1ecf30aa57d97539bc8 35626 libbind9-50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 d57dfa522fa61484bf332eae8127c40c78628231 686436 libdns55_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 7f599f68884ed1b746cf3ae824c6717f8185e4e9 171450 libisc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 5f9e06857d8096553ebad145be4f1a020dd0c225 48254 liblwres50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 2dfc33ffedda2372cae351a3901ce518b18a165d 29708 libisccc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 7fb4cc7048dae5d5b4dce1fcc60e7b48b8974a47 52164 libisccfg50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 16a5f66c78c9bf2882abd149d43a0586e5343a7b 159818 dnsutils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 6962ec69ab32ee9cf1dcaec240a7bf97134c74df 234598 lwresd_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
Checksums-Sha256: 
 872b6d2571851f3b941954437b9d50e903d3f383e9c7e81172084fb61d1e11db 299734 bind9_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 524527ad4b78a2b55d059b0660bc691a820de7f035ccb797b2a3b69743b85732 113624 bind9utils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 b7c3382040591aca20178352d22a51757a16cec8aeb80493587f78e4bae76190 66836 bind9-host_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 03c9dbb256ffde57dfcb18e94f565f4b7e898f92e67f6bedb67975767abca48e 1543006 libbind-dev_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 f8d3660e4ecdf597950c344cf44c18369586f7d9ffdb893ae5d6a255f98d0b4a 35626 libbind9-50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 aac40e4542513188f2626c4a46221c4786f760d8b674f70484f7920bd535114d 686436 libdns55_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 cbadcbc5846dce32fbd8232abb6f402ac28afa74625fcc4c90abc14142801b42 171450 libisc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 37ca2cafe3f98a70c71596ca6b6534b776de7d3f8f36a53b0936c2116db9f4cf 48254 liblwres50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 37d93ffc11b4df83434b88c7c32d9c55e93dc1e250b86c1c2341b968b493bae6 29708 libisccc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 f96d046a326251734b0b08ba847d6c9717c6d41c5a4daa048b71a0b955010be9 52164 libisccfg50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 0711324c2c37be05b6f7c7d38ff5cef194ddf3602f5a966fe8aae97528214801 159818 dnsutils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 4068060b0243d43a1172c921def665a59f5ebf589a8dc41ec0ac077b8e10656f 234598 lwresd_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
Files: 
 46607b7f4aef6f28800beb294074346d 299734 net optional bind9_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 2be66c0f2e143581c6d3224651e49858 113624 net optional bind9utils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 f549f8e998cf33fa636855e9d8fd3103 66836 net standard bind9-host_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 6cc8d5f83c0c8d1eb879ed522fffa5b6 1543006 libdevel optional libbind-dev_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 079bad3693c8678bcd10c8d6a3049fc0 35626 libs standard libbind9-50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 15d86778dad1a09abdb1bc9527371458 686436 libs standard libdns55_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 ad3d340916de81d9503848c60d2cedf8 171450 libs standard libisc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 f54d19dd09e5b33113979965fc7644c5 48254 libs standard liblwres50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 0d8b0789a98e552e0db8f3820d9969eb 29708 libs standard libisccc50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 8f3bdd5ae09f46a87a99a535ca18f751 52164 libs standard libisccfg50_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 b8e4c17cda9b00e99c6fbc91c9a0b529 159818 net standard dnsutils_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
 e43ad1a2592ae79f4804cdff782352bf 234598 net optional lwresd_9.6.ESV.R2+dfsg-0+lenny1_hppa.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIbBAEBCAAGBQJNJpAWAAoJEBv4PF5U/IZACXkP9j/K9IoL+Pd4UdT2OLrxS9MP
CbC9vHftqTJqEBwWB7CeX4nAThE3t/lMJpJ6caCFvDj2nzZkQV29Eew29uRIAO2M
YeY4bKGSNMF5wyYE6L1HbkBX7uSNCDR4NDFwoCF3rrpca32Tjnhp0MsQ2dMdADjl
St/pXnZ6L5EgRp+8Dqy6JgDqDnyapbT+UhlKAFLr3dVFTKedJQNcYAxI7DFsPTCw
Hv1qqvrOue2dHyM+SXlC5wX97b/W24NEBQtxPjue1xYXaMH2uEU4Pqb6twJbeqhR
zD0OJa+gF7ZiDSYI/Q5XArCt8NtKjAZ6VikrfhvOIjRJI/aIx9jyVJcI8gFmdP36
/65fZAZbngGR3LMe7eBBpmujSXqhDUc6tz/Mkf31iEyjar6UR0je9RiWRdvgm6du
U64KuzDfQNfCz5EQ2W7e9Wkjpm3SX7HCqJHeINUV5f0dCUK37vrtITn2wwOro9kS
eJ+YASPvBIDAOcl+chb6ltLwwZpUB/AL3lRupvjfZ8QecznAvoM7HJfK+0wJHQZd
h4LsqhNTgrrma9LZYkDoHLZRLWCSU0vOkFdmxg2htOv5/p3J55vwFWzo+gK6LpqA
12S35lIHXUFHh75HWJLPHCCtV2LhluNqRg1wCKgi0Q7cGeWozbBZOZGdIzC/VlT5
BwUXkiF+mxi7pYYTz9I=
=jelK
-----END PGP SIGNATURE-----