bind9 (1:9.16.15-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/dns-team/bind9.git
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/main
Path: debian/changelog
Browser: https://salsa.debian.org/dns-team/bind9
Last scan: 2021-05-01 11:42:05+00
Next scan: 2021-05-08 09:51:00+00
Merge requests: 5

Debian changelog in Git:

bind9 (1:9.16.15-1) unstable; urgency=high

  * New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
   + CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
     assertion failure in ``named``, causing it to quit abnormally.
   + CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
     ANSWER section during DNAME chasing turned out to be the final
     answer to a client query.
   + CVE-2021-25216: When a server's configuration set the
    ``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
    specially crafted GSS-TSIG query could cause a buffer overflow in
    the ISC implementation of SPNEGO (a protocol enabling negotiation of
    the security mechanism used for GSSAPI authentication).
  * Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance

 -- Ondřej Surý <ondrej@debian.org>  Thu, 29 Apr 2021 09:11:32 +0200

This branch is even with tag debian/1%9.16.15-1