From 113ad32e9cd2dcda12f12aa8a72d56b73ff4f4cc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 01:51:29 +0200 Subject: Merging upstream version 1:9.16.48. Signed-off-by: Daniel Baumann --- doc/notes/notes-9.16.37.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'doc/notes/notes-9.16.37.rst') diff --git a/doc/notes/notes-9.16.37.rst b/doc/notes/notes-9.16.37.rst index 9b0393c..4d24781 100644 --- a/doc/notes/notes-9.16.37.rst +++ b/doc/notes/notes-9.16.37.rst @@ -19,14 +19,14 @@ Security Fixes available memory. This flaw was addressed by adding a new ``update-quota`` option that controls the maximum number of outstanding DNS UPDATE messages that :iscman:`named` can hold in a - queue at any given time (default: 100). (CVE-2022-3094) + queue at any given time (default: 100). :cve:`2022-3094` ISC would like to thank Rob Schulhof from Infoblox for bringing this vulnerability to our attention. :gl:`#3523` - :iscman:`named` could crash with an assertion failure when an RRSIG query was received and ``stale-answer-client-timeout`` was set to a - non-zero value. This has been fixed. (CVE-2022-3736) + non-zero value. This has been fixed. :cve:`2022-3736` ISC would like to thank Borja Marcos from Sarenet (with assistance by Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to @@ -36,7 +36,7 @@ Security Fixes ``stale-answer-client-timeout`` option set to any value greater than ``0`` could crash with an assertion failure, when the ``recursive-clients`` soft quota was reached. This has been fixed. - (CVE-2022-3924) + :cve:`2022-3924` ISC would like to thank Maksym Odinintsev from AWS for bringing this vulnerability to our attention. :gl:`#3619` -- cgit v1.2.3