Opened 6 years ago
Closed 6 years ago
#11704 closed enhancement (fixed)
bind9 bind 9.12.3-P4 (CVE-2018-5744 CVE-2018-5745 CVE-2019-6465)
Reported by: | Bruce Dubbs | Owned by: | Bruce Dubbs |
---|---|---|---|
Priority: | high | Milestone: | 8.4 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
New patch version.
Change History (5)
comment:1 by , 6 years ago
Priority: | normal → high |
---|---|
Summary: | bind9 bind 9.12.3-P4 → bind9 bind 9.12.3-P4 (CVE-2018-5744 CVE-2018-5745 CVE-2019-6465) |
comment:3 by , 6 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:4 by , 6 years ago
--- 9.12.3-P4 released ---
--- 9.12.3-P3 released (withdrawn) ---
- [security] Zone transfer controls for writable DLZ zones were
not effective as the allowzonexfr method was not being called for such zones. (CVE-2019-6465) [GL #790]
--- 9.12.3-P2 released (withdrawn) ---
- [security] Named could crash if it is managing a key with
managed-keys
and the authoritative zone is rolling the key to an unsupported algorithm. (CVE-2018-5745) [GL #780]
- [security] Named leaked memory if there were multiple Key Tag
EDNS options present. (CVE-2018-5744) [GL #772]
Note:
See TracTickets
for help on using tickets.