diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 23:51:29 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 23:51:29 +0000 |
| commit | 113ad32e9cd2dcda12f12aa8a72d56b73ff4f4cc (patch) | |
| tree | 76bbb508aac2452b17d73bcd162adc8cc7602e69 /CHANGES | |
| parent | Releasing progress-linux version 1:9.16.44-1~deb11u1progress6u1. (diff) | |
| download | bind9-113ad32e9cd2dcda12f12aa8a72d56b73ff4f4cc.tar.xz bind9-113ad32e9cd2dcda12f12aa8a72d56b73ff4f4cc.zip | |
Merging upstream version 1:9.16.48.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 53 |
1 files changed, 53 insertions, 0 deletions
@@ -1,3 +1,56 @@ + --- 9.16.48 released --- + +6343. [bug] Fix case insensitive setting for isc_ht hashtable. + [GL #4568] + + --- 9.16.47 released --- + +6322. [security] Specific DNS answers could cause a denial-of-service + condition due to DNS validation taking a long time. + (CVE-2023-50387) [GL #4424] + +6321. [security] Change 6315 inadvertently introduced regressions that + could cause named to crash. [GL #4234] + + --- 9.16.46 released --- + +6319. [security] Query patterns that continuously triggered cache + database maintenance could exhaust all available memory + on the host running named. (CVE-2023-6516) [GL #4383] + +6317. [security] Restore DNS64 state when handling a serve-stale timeout. + (CVE-2023-5679) [GL #4334] + +6316. [security] Specific queries could trigger an assertion check with + nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281] + +6315. [security] Speed up parsing of DNS messages with many different + names. (CVE-2023-4408) [GL #4234] + +6314. [bug] Address race conditions in dns_tsigkey_find(). + [GL #4182] + +6304. [bug] The wrong time was being used to determine what RRSIGs + where to be generated when dnssec-policy was in use. + [GL #4494] + +6282. [func] Deprecate AES-based DNS cookies. [GL #4421] + + --- 9.16.45 released --- + +6269. [maint] B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and + 2801:1b8:10::b. [GL #4101] + +6254. [cleanup] Add semantic patch to do an explicit cast from char + to unsigned char in ctype.h class of functions. + [GL #4327] + +6250. [bug] The wrong covered value was being set by + dns_ncache_current for RRSIG records in the returned + rdataset structure. This resulted in TYPE0 being + reported as the covered value of the RRSIG when dumping + the cache contents. [GL #4314] + --- 9.16.44 released --- 6245. [security] Limit the amount of recursion that can be performed |