projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f03ac48) | patch
bind: bump to 9.18.24
authorNoah Meyerhans <frodo@morgul.net>
Thu, 15 Feb 2024 17:36:41 +0000 (09:36 -0800)
committerNoah Meyerhans <frodo@morgul.net>
Fri, 16 Feb 2024 15:02:24 +0000 (07:02 -0800)
commitd277e41e78972130f75dc816ebcbd7931f582519
treedf5bdc9576912e22fe46ddfb0bfba34dbb6bf005tree | snapshot
parentf03ac48d30629b032ac2372b24d41a9f9b8e4732commit | diff
bind: bump to 9.18.24

Fixes CVEs:

- CVE-2023-50387: Validating DNS messages containing a lot of DNSSEC signatures
  could cause excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof could cause
  excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-4408: Parsing DNS messages with many different names could cause
  excessive CPU load.
- CVE-2023-5517: Specific queries could cause named to crash with an assertion
  failure when nxdomain-redirect was enabled.
- CVE-2023-5679: A bad interaction between DNS64 and serve-stale could cause
  named to crash with an assertion failure, when both of these features were
  enabled.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
net/bind/Makefile diff | blob | history
Mirror of packages feed