From release notes (https://downloads.isc.org/isc/bind9/9.16.27/doc/arm/html/notes.html#notes-for-bind-9-16-27): """ Notes for BIND 9.16.27 Security Fixes The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. (CVE-2021-25220) ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from Network and Information Security Lab, Tsinghua University, and Changgen Zou from Qi An Xin Group Corp. for bringing this vulnerability to our attention. [GL #2950] TCP connections with keep-response-order enabled could leave the TCP sockets in the CLOSE_WAIT state when the client did not properly shut down the connection. (CVE-2022-0396) [GL #3112] """
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b918ba18b54e673b3b58f6dab03cb3c81f8148b commit 7b918ba18b54e673b3b58f6dab03cb3c81f8148b Author: Sam James <sam@gentoo.org> AuthorDate: 2022-03-16 18:14:15 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-03-16 18:14:24 +0000 net-dns/bind-tools: add 9.16.27 Bug: https://bugs.gentoo.org/835439 Signed-off-by: Sam James <sam@gentoo.org> net-dns/bind-tools/Manifest | 1 + net-dns/bind-tools/bind-tools-9.16.27.ebuild | 148 +++++++++++++++++++++++++++ 2 files changed, 149 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b0eedb1c3f97c98966757a0e4909a15afb24e907 commit b0eedb1c3f97c98966757a0e4909a15afb24e907 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-03-16 18:10:41 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-03-16 18:14:22 +0000 net-dns/bind: add 9.16.27 Bug: https://bugs.gentoo.org/835439 Signed-off-by: Sam James <sam@gentoo.org> net-dns/bind/Manifest | 1 + net-dns/bind/bind-9.16.27.ebuild | 375 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 376 insertions(+)
Please cleanup
GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8bdc575dae63f16d44b926f18271d15d3173fc5f commit 8bdc575dae63f16d44b926f18271d15d3173fc5f Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-10-31 01:19:33 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:20:11 +0000 net-dns/bind: security cleanup Bug: https://bugs.gentoo.org/820563 Bug: https://bugs.gentoo.org/835439 Bug: https://bugs.gentoo.org/872206 Acked-by: Patrick McLean <chutzpah@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> net-dns/bind/Manifest | 5 - net-dns/bind/bind-9.16.27-r1.ebuild | 375 -------------------- net-dns/bind/bind-9.16.29-r1.ebuild | 376 -------------------- net-dns/bind/bind-9.16.29.ebuild | 375 -------------------- net-dns/bind/bind-9.16.30.ebuild | 381 -------------------- net-dns/bind/bind-9.16.31.ebuild | 382 --------------------- net-dns/bind/bind-9.16.32.ebuild | 382 --------------------- .../bind/files/bind-9.16.29-fortify-source-3.patch | 35 -- 8 files changed, 2311 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3ff54f9ebabdb1f657769518402d72abd34fbdcb commit 3ff54f9ebabdb1f657769518402d72abd34fbdcb Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-31 01:18:02 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:40:16 +0000 [ GLSA 202210-25 ] ISC BIND: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/820563 Bug: https://bugs.gentoo.org/835439 Bug: https://bugs.gentoo.org/872206 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-25.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+)
GLSA released, all done!