588284218a
This change includes fixes for several security issues:
* CVE-2017-3138: rndc "" could trigger an assertion failure in named.
* CVE-2017-3137: Some chaining (i.e., type CNAME or DNAME) responses to
upstream queries could trigger assertion failures.
* CVE-2017-3136: dns64 with break-dnssec yes; can result in an assertion
failure.
* CVE-2017-3135: If a server is configured with a response policy zone
(RPZ) that rewrites an answer with local data, and is also configured
for DNS64 address mapping, a NULL pointer can be read triggering a
server crash.
* CVE-2016-9444: named could mishandle authority sections with missing
RRSIGs, triggering an assertion failure.
* CVE-2016-9131: named mishandled some responses where covering RRSIG
records were returned without the requested data, resulting in an
assertion failure.
* CVE-2016-9131: named incorrectly tried to cache TKEY records which could
trigger an assertion failure when there was a class mismatch.
* CVE-2016-8864: It was possible to trigger assertions when processing
responses containing answers of type DNAME.
* CVE-2016-6170: Added the ability to specify the maximum number of
records permitted in a zone (max-records #;). This provides a mechanism
to block overly large zone transfers, which is a potential risk with
slave zones from other parties.
* CVE-2016-2776: It was possible to trigger an assertion when rendering a
message using a specially crafted request.
* CVE-2016-2775: Calling getrrsetbyname() with a non absolute name could
trigger an infinite recursion bug in lwresd or named with lwres
configured if, when combined with a search list entry from resolv.conf,
the resulting name is too long.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
|
||
|---|---|---|
| .. | ||
| files | ||
| patches | ||
| Config.in | ||
| Makefile | ||