From 14509ce60103dab695cef4d4f31321bab27ab967 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 8 Apr 2024 18:41:28 +0200 Subject: Merging upstream version 1:9.18.24. Signed-off-by: Daniel Baumann --- doc/notes/notes-9.18.7.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'doc/notes/notes-9.18.7.rst') diff --git a/doc/notes/notes-9.18.7.rst b/doc/notes/notes-9.18.7.rst index dade98e..5d46acd 100644 --- a/doc/notes/notes-9.18.7.rst +++ b/doc/notes/notes-9.18.7.rst @@ -18,7 +18,7 @@ Security Fixes - Previously, there was no limit to the number of database lookups performed while processing large delegations, which could be abused to severely impact the performance of :iscman:`named` running as a - recursive resolver. This has been fixed. (CVE-2022-2795) + recursive resolver. This has been fixed. :cve:`2022-2795` ISC would like to thank Yehuda Afek from Tel-Aviv University and Anat Bremler-Barr & Shani Stajnrod from Reichman University for bringing @@ -27,20 +27,20 @@ Security Fixes - When an HTTP connection was reused to request statistics from the stats channel, the content length of successive responses could grow in size past the end of the allocated buffer. This has been fixed. - (CVE-2022-2881) :gl:`#3493` + :cve:`2022-2881` :gl:`#3493` - Memory leaks in code handling Diffie-Hellman (DH) keys were fixed that could be externally triggered, when using TKEY records in DH mode with - OpenSSL 3.0.0 and later versions. (CVE-2022-2906) :gl:`#3491` + OpenSSL 3.0.0 and later versions. :cve:`2022-2906` :gl:`#3491` - :iscman:`named` running as a resolver with the :any:`stale-answer-client-timeout` option set to ``0`` could crash with an assertion failure, when there was a stale CNAME in the cache - for the incoming query. This has been fixed. (CVE-2022-3080) + for the incoming query. This has been fixed. :cve:`2022-3080` :gl:`#3517` - Memory leaks were fixed that could be externally triggered in the - DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178) + DNSSEC verification code for the EdDSA algorithm. :cve:`2022-38178` :gl:`#3487` Feature Changes -- cgit v1.2.3