Opened 4 years ago

Closed 4 years ago

#12424 closed enhancement (fixed)

bind9 bind 9.14.5

Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: normal Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version

Change History (4)

comment:1 by Douglas R. Reno, 4 years ago

This fixes CVE-2019-6471

comment:2 by Bruce Dubbs, 4 years ago

Milestone: 9.19.0
Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

Promote to blfs-9.0

comment:3 by Bruce Dubbs, 4 years ago

--- 9.14.5 released ---

  1. [bug] Cache DB statistics could underflow when serve-stale

was in use, because of a bug in counter maintenance when RRsets become stale.

Functions for dumping statistics have been updated to dump active, stale, and ancient statistic counters. Ancient RRset counters are prefixed with '~'; stale RRset counters are still prefixed with '#'.

  1. [bug] Mark DS records included in referral messages

with trust level "pending" so that they can be validated and cached immediately, with no need to re-query.

  1. [bug] Address potential use after free race when shutting

down rpz.

  1. [bug] Check that bits [64..71] of a dns64 prefix are zero.
  1. [port] cygwin: can return ETIMEDOUT on connect() with a

non-blocking socket.

  1. [bug] named could crash during configuration if

configured to use "geoip continent" ACLs with legacy GeoIP.

  1. [bug] named-checkconf failed to report dnstap-output

missing from named.conf when dnstap was specified.

  1. [bug] DNS64 and RPZ nodata (CNAME *.) rules interacted badly
  1. [func] New DNS Cookie algorithm - siphash24 - has been added

to BIND 9.

  1. [func] Add SipHash 2-4 implementation in lib/isc/siphash.c

and switch isc_hash_function() to use SipHash 2-4.

comment:4 by Bruce Dubbs, 4 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 22059.

Note: See TracTickets for help on using tickets.