[Buildroot] [PATCH] bind: security bump to version 9.11.4-P2

Peter Korsgaard peter at korsgaard.com
Sun Sep 30 08:36:31 UTC 2018


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > From the release notes
 > (http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt):

 >  * There was a long-existing flaw in the documentation for ms-self,
 >    krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy
 >    statements.  Though the policies worked as intended, operators who
 >    configured their servers according to the misleading documentation may
 >    have thought zone updates were more restricted than they were; users of
 >    these rule types are advised to review the documentation and correct
 >    their configurations if necessary.  New rule types matching the
 >    previously documented behavior will be introduced in a future maintenance
 >    release.  [GL !708]

 >  * named could crash during recursive processing of DNAME records when
 >    deny-answer-aliases was in use.  This flaw is disclosed in CVE-2018-5740.
 >    [GL #387]

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list