From 45d6379135504814ab723b57f0eb8be23393a51d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 09:24:22 +0200 Subject: Adding upstream version 1:9.16.44. Signed-off-by: Daniel Baumann --- doc/notes/notes-9.16.44.rst | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 doc/notes/notes-9.16.44.rst (limited to 'doc/notes/notes-9.16.44.rst') diff --git a/doc/notes/notes-9.16.44.rst b/doc/notes/notes-9.16.44.rst new file mode 100644 index 0000000..81c157a --- /dev/null +++ b/doc/notes/notes-9.16.44.rst @@ -0,0 +1,31 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +Notes for BIND 9.16.44 +---------------------- + +Security Fixes +~~~~~~~~~~~~~~ + +- Previously, sending a specially crafted message over the control + channel could cause the packet-parsing code to run out of available + stack memory, causing :iscman:`named` to terminate unexpectedly. + This has been fixed. (CVE-2023-3341) + + ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for + bringing this vulnerability to our attention. :gl:`#4152` + +Known Issues +~~~~~~~~~~~~ + +- There are no new known issues with this release. See :ref:`above + ` for a list of all known issues affecting this + BIND 9 branch. -- cgit v1.2.3