9.9.8-P2

author Mark Andrews <marka@isc.org>

Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)

committer Mark Andrews <marka@isc.org>

Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)
author Mark Andrews <marka@isc.org>
Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)
committer Mark Andrews <marka@isc.org>
Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)
diff --git a/README b/README

index 9d125222afda15917118dd6b4e98d70f8f980e15..d35def350c9cee0b70aef0098562c1beca48d8e3 100644 (file)
--- a/README
+++ b/README
@@ -51,6 +51,11 @@ BIND 9
         For up-to-date release notes and errata, see
         http://www.isc.org/software/bind9/releasenotes
  
+BIND 9.9.8-P2
+
+       BIND 9.9.8-P2 is a security release addressing the flaws
+        described in CVE-2015-3193 (OpenSSL) and CVE-2015-8461.
+
  BIND 9.9.8-P1
  
         BIND 9.9.8-P1 is a security release addressing the flaw
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml

index 9f1825bd236631b48c9dfc31b9b91e6303920584..80575c3f878527cd2596d9ecb097ec4af3170887 100644 (file)
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -23,7 +23,8 @@
        This document summarizes changes since BIND 9.9.8:
      </para>
      <para>
-      BIND 9.9.8-P1 addresses a security issue described in CVE-2015-8000.
+      BIND 9.9.8-P2 addresses security issues described in CVE-2015-3193
+      (OpenSSL), CVE-2015-8000 and CVE-2015-8461.
      </para>
    </sect2>
    <sect2 id="relnotes_download">
@@ -42,11 +43,8 @@
      <itemizedlist>
        <listitem>
         <para>
-         Insufficient testing when parsing a message allowed
-         records with an incorrect class to be be accepted,
-         triggering a REQUIRE failure when those records
-         were subsequently cached.  This flaw is disclosed
-         in CVE-2015-8000. [RT #40987]
+         Named is potentially vulnerable to the OpenSSL vulnerabilty
+         described in CVE-2015-3193.
         </para>
        </listitem>
        <listitem>
@@ -56,6 +54,15 @@
           lookup.  This flaw is disclosed in CVE-2015-8461. [RT#40945]
         </para>
        </listitem>
+      <listitem>
+       <para>
+         Insufficient testing when parsing a message allowed
+         records with an incorrect class to be be accepted,
+         triggering a REQUIRE failure when those records
+         were subsequently cached.  This flaw is disclosed
+         in CVE-2015-8000. [RT #40987]
+       </para>
+      </listitem>
      </itemizedlist>
    </sect2>
    <sect2 id="relnotes_features">
diff --git a/lib/dns/api b/lib/dns/api

index bd8309a36b3b704d7a8c36bc2c720e6fc52162ef..0d52f39a7a0bb32b0d24975ede507842dd3b948d 100644 (file)
--- a/lib/dns/api
+++ b/lib/dns/api
@@ -7,5 +7,5 @@
  # 9.10: 140-149
  # 9.11: 160-169
  LIBINTERFACE = 170
-LIBREVISION = 0
-LIBAGE = 0
+LIBREVISION = 1
+LIBAGE = 1
diff --git a/version b/version

index 5e6b40bf87788d8fdec0082a3944e6ad9144bc54..3711d026bab265b33461cbea8ba676afcd1dc2ba 100644 (file)
--- a/version
+++ b/version
@@ -7,5 +7,5 @@ MAJORVER=9
  MINORVER=9
  PATCHVER=8
  RELEASETYPE=-P
-RELEASEVER=1
+RELEASEVER=2
  EXTENSIONS=
author	Mark Andrews <marka@isc.org>
	Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)
committer	Mark Andrews <marka@isc.org>
	Fri, 4 Dec 2015 00:05:33 +0000 (11:05 +1100)
README		patch \| blob \| blame \| history
doc/arm/notes.xml		patch \| blob \| blame \| history
lib/dns/api		patch \| blob \| blame \| history
version		patch \| blob \| blame \| history