Debian Buster Openstack images changelog 10.5.1-20200830 Updates in 2 source package(s), 6 binary package(s): Source bind9, binaries: libdns-export1104:amd64 libisc-export1100:amd64 libdns-export1104:arm64 libisc-export1100:arm64 bind9 (1:9.11.5.P4+dfsg-5.1+deb10u2) buster-security; urgency=high [ Salvatore Bonaccorso ] * [CVE-2020-8622] Properly handle malformed truncated responses to TSIG queries * [CVE-2020-8623] Fix crash in pk11_numbits() with crafted packet when native-pkcs11 is used * Wait more than 1 second for NSEC3 chain changes * [CVE-2020-8624] Fix processing of "update-policy" rules of type "subdomain" (Closes: #966497) [ Ondřej Surý ] * [CVE-2020-8619]: It was possible to trigger a INSIST when a zone with interior (non-leaf) wildcard label Source json-c, binaries: libjson-c3:amd64 libjson-c3:arm64 json-c (0.12.1+ds-2+deb10u1) buster-security; urgency=high * d/patches/611.patch: Add upstream patch to fix CVE-2020-12762 -- Steve McIntyre <93sam@debian.org> Mon, 31 Aug 2020 11:48:41 +0100 10.5.0 First build for 10.5.0 release -- Steve McIntyre <93sam@debian.org> Sun, 02 Aug 2020 02:59:15 +0100