Opened 5 years ago
Closed 5 years ago
#12424 closed enhancement (fixed)
bind9 bind 9.14.5
Reported by: | Douglas R. Reno | Owned by: | Bruce Dubbs |
---|---|---|---|
Priority: | normal | Milestone: | 9.0 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
New point version
Change History (4)
comment:1 by , 5 years ago
comment:2 by , 5 years ago
Milestone: | 9.1 → 9.0 |
---|---|
Owner: | changed from | to
Status: | new → assigned |
Promote to blfs-9.0
comment:3 by , 5 years ago
--- 9.14.5 released ---
- [bug] Cache DB statistics could underflow when serve-stale
was in use, because of a bug in counter maintenance when RRsets become stale.
Functions for dumping statistics have been updated to dump active, stale, and ancient statistic counters. Ancient RRset counters are prefixed with '~'; stale RRset counters are still prefixed with '#'.
- [bug] Mark DS records included in referral messages
with trust level "pending" so that they can be validated and cached immediately, with no need to re-query.
- [bug] Address potential use after free race when shutting
down rpz.
- [bug] Check that bits [64..71] of a dns64 prefix are zero.
- [port] cygwin: can return ETIMEDOUT on connect() with a
non-blocking socket.
- [bug] named could crash during configuration if
configured to use "geoip continent" ACLs with legacy GeoIP.
- [bug] named-checkconf failed to report dnstap-output
missing from named.conf when dnstap was specified.
- [bug] DNS64 and RPZ nodata (CNAME *.) rules interacted badly
- [func] New DNS Cookie algorithm - siphash24 - has been added
to BIND 9.
- [func] Add SipHash 2-4 implementation in lib/isc/siphash.c
and switch isc_hash_function() to use SipHash 2-4.
This fixes CVE-2019-6471