Change History (4)
comment:1 by , 6 years ago
| Priority: | normal → high |
|---|
comment:3 by , 6 years ago
Security Fixes
A race condition could trigger an assertion failure when a large number of incoming packets were being rejected. This flaw is disclosed in CVE-2019-6471. [GL #942]
Bug Fixes
When qname-minimization was set to relaxed, some improperly configured domains would fail to resolve, but would have succeeded if minimization were disabled. named will now fall back to normal resolution in such cases, and also uses type A rather than NS for minimal queries in order to reduce the likelihood of encountering the problem. [GL #1055]
Note:
See TracTickets
for help on using tickets.
For whoever takes this, from the oss security list:
Today ISC disclosed a vulnerability in our BIND software.
Information about the vulnerability can be found in the ISC Knowledge Base:
New maintenance releases of BIND released today contain the fix for the vulnerability along with other bug fixes and feature improvements. They may be downloaded from the ISC web site's download page (https://www.isc.org/downloads)
With the public disclosure of these vulnerabilities, parties which had been given advance notice concerning them are released from non-disclosure and packagers and redistributors are encouraged to publish updated packages containing fixes.