Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/net/bind
History
Noah Meyerhans 4c6ea5379c bind: bump to 9.18.1 
Fixes multiple security issues:

 * CVE-2022-0667 -- An assertion could occur in resume_dslookup() if the
                    fetch had been shut down earlier
 * CVE-2022-0635 -- Lookups involving a DNAME could trigger an INSIST when
                    "synth-from-dnssec" was enabled
 * CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
                    isc__nm_process_sock_buffer() to be called recursively,
                    which in turn left TCP connections hanging in the CLOSE_WAIT
                    state blocking indefinitely when out-of-order processing was
                    disabled.
 * CVE-2021-25220 -- The rules for acceptance of records into the cache
                     have been tightened to prevent the possibility of
                     poisoning if forwarders send records outside the
                     configured bailiwick

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2022-03-18 00:34:43 -07:00
..
files named: don't leak mktemp files on reload 2022-03-15 15:20:15 -07:00
Config.in bind: support compile-time exclusion of DNS-over-HTTPS support 2022-02-07 21:31:54 -08:00
Makefile bind: bump to 9.18.1 2022-03-18 00:34:43 -07:00