Opened 4 years ago
Closed 4 years ago
#12424 closed enhancement (fixed)
bind9 bind 9.14.5
|Reported by:||Douglas R. Reno||Owned by:||Bruce Dubbs|
New point version
Change History (4)
comment:1 by , 4 years ago
comment:2 by , 4 years ago
|Milestone:||9.1 → 9.0|
|Status:||new → assigned|
Promote to blfs-9.0
comment:3 by , 4 years ago
--- 9.14.5 released ---
- [bug] Cache DB statistics could underflow when serve-stale
was in use, because of a bug in counter maintenance when RRsets become stale.
Functions for dumping statistics have been updated to dump active, stale, and ancient statistic counters. Ancient RRset counters are prefixed with '~'; stale RRset counters are still prefixed with '#'.
- [bug] Mark DS records included in referral messages
with trust level "pending" so that they can be validated and cached immediately, with no need to re-query.
- [bug] Address potential use after free race when shutting
- [bug] Check that bits [64..71] of a dns64 prefix are zero.
- [port] cygwin: can return ETIMEDOUT on connect() with a
- [bug] named could crash during configuration if
configured to use "geoip continent" ACLs with legacy GeoIP.
- [bug] named-checkconf failed to report dnstap-output
missing from named.conf when dnstap was specified.
- [bug] DNS64 and RPZ nodata (CNAME *.) rules interacted badly
- [func] New DNS Cookie algorithm - siphash24 - has been added
to BIND 9.
- [func] Add SipHash 2-4 implementation in lib/isc/siphash.c
and switch isc_hash_function() to use SipHash 2-4.
comment:4 by , 4 years ago
|Status:||assigned → closed|
Fixed at revision 22059.
This fixes CVE-2019-6471