projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aebeefc) | patch
bind: bump to 9.16.15
authorNoah Meyerhans <frodo@morgul.net>
Thu, 29 Apr 2021 18:08:58 +0000 (11:08 -0700)
committerNoah Meyerhans <frodo@morgul.net>
Fri, 30 Apr 2021 00:33:12 +0000 (17:33 -0700)
commit9fd4ed8afa303deea079ca9b8e16d32c41d05f60
tree8726da6afcc816b4074c49d7ec5637fc9019ec38tree | snapshot
parentaebeefcd5a7d62e4bab2d7bdb5d360f9357e46a5commit | diff
bind: bump to 9.16.15

Fixes the following security issues:

* CVE-2021-25216 - A specially crafted GSS-TSIG query could cause a buffer
                   overflow in the ISC implementation of SPNEGO.
* CVE-2021-25215 - named crashed when a DNAME record placed in the ANSWER
                   section during DNAME chasing turned out to be the final
                   answer to a client query.
* CVE-2021-25214 - Insufficient IXFR checks could result in named serving a
                   zone without an SOA record at the apex, leading to a
                   RUNTIME_CHECK assertion failure when the zone was
                   subsequently refreshed. This has been fixed by adding an
                   owner name check for all SOA records which are included
                   in a zone transfer.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
net/bind/Makefile diff | blob | history
Mirror of packages feed