diff options
Diffstat (limited to '')
| -rw-r--r-- | CHANGES | 53 |
1 files changed, 53 insertions, 0 deletions
@@ -1,3 +1,56 @@ + --- 9.16.48 released --- + +6343. [bug] Fix case insensitive setting for isc_ht hashtable. + [GL #4568] + + --- 9.16.47 released --- + +6322. [security] Specific DNS answers could cause a denial-of-service + condition due to DNS validation taking a long time. + (CVE-2023-50387) [GL #4424] + +6321. [security] Change 6315 inadvertently introduced regressions that + could cause named to crash. [GL #4234] + + --- 9.16.46 released --- + +6319. [security] Query patterns that continuously triggered cache + database maintenance could exhaust all available memory + on the host running named. (CVE-2023-6516) [GL #4383] + +6317. [security] Restore DNS64 state when handling a serve-stale timeout. + (CVE-2023-5679) [GL #4334] + +6316. [security] Specific queries could trigger an assertion check with + nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281] + +6315. [security] Speed up parsing of DNS messages with many different + names. (CVE-2023-4408) [GL #4234] + +6314. [bug] Address race conditions in dns_tsigkey_find(). + [GL #4182] + +6304. [bug] The wrong time was being used to determine what RRSIGs + where to be generated when dnssec-policy was in use. + [GL #4494] + +6282. [func] Deprecate AES-based DNS cookies. [GL #4421] + + --- 9.16.45 released --- + +6269. [maint] B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and + 2801:1b8:10::b. [GL #4101] + +6254. [cleanup] Add semantic patch to do an explicit cast from char + to unsigned char in ctype.h class of functions. + [GL #4327] + +6250. [bug] The wrong covered value was being set by + dns_ncache_current for RRSIG records in the returned + rdataset structure. This resulted in TYPE0 being + reported as the covered value of the RRSIG when dumping + the cache contents. [GL #4314] + --- 9.16.44 released --- 6245. [security] Limit the amount of recursion that can be performed |