Opened 12 months ago
Closed 12 months ago
#19302 closed enhancement (fixed)
bind9 bind 9.18.24
| Reported by: | Douglas R. Reno | Owned by: | Rahul Chandra |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.1 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version
This contains security fixes for a protocol-level security vulnerability in DNSSEC.
- CVE-2023-4408: Parsing large DNS messages may cause excessive CPU load https://kb.isc.org/docs/cve-2023-4408
- CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled https://kb.isc.org/docs/cve-2023-5517
- CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution https://kb.isc.org/docs/cve-2023-5679
- CVE-2023-6516: Specific recursive query patterns may lead to an out-of-memory condition https://kb.isc.org/docs/cve-2023-6516
- CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator https://kb.isc.org/docs/cve-2023-50387
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust CPU resources https://kb.isc.org/docs/cve-2023-50868
Change History (2)
comment:1 by , 12 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 12 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
SA-12.095 issued Fixed @ a3ca4c05e8255a534b32ec5b34112aaa5629f2d9