Opened 9 years ago
Closed 9 years ago
#5932 closed enhancement (fixed)
BIND-9.10.1-P1 and BIND Utilities-9.10.1-P1
| Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
|---|---|---|---|
| Priority: | high | Milestone: | 7.7 |
| Component: | BOOK | Version: | SVN |
| Severity: | major | Keywords: | |
| Cc: |
Description
ftp://ftp.isc.org/isc/bind9/9.10.1-P1/bind-9.10.1-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.10.1-P1/CHANGES
4006. [security] A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of iterative queries that it will send (default 50) before terminating a recursive query (CVE-2014-8500). The recursion depth limit is configured via the "max-recursion-depth" option, and the query limit via the "max-recursion-queries" option. [RT #37580] 4003. [security] When geoip-directory was reconfigured during named run-time, the previously loaded GeoIP data could remain, potentially causing wrong ACLs to be used or wrong results to be served based on geolocation (CVE-2014-8680). [RT #37720] 4002. [security] Lookups in GeoIP databases that were not loaded could cause an assertion failure (CVE-2014-8680). [RT #37679] 4001. [security] The caching of GeoIP lookups did not always handle address families correctly, potentially resulting in an assertion failure (CVE-2014-8680). [RT #37672]
I am a little weak (got a flu), so cannot promise to be quick.
If somebody can do it first, please, go ahead.
Change History (3)
comment:1 by , 9 years ago
| Summary: | BIND-9.10.1-P and BIND Utilities-9.10.1-P → BIND-9.10.1-P1 and BIND Utilities-9.10.1-P1 |
|---|
comment:2 by , 9 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r15182.