[Buildroot] [PATCH] package/bind: security bump to version 9.11.19

Peter Korsgaard peter at korsgaard.com
Mon May 25 19:58:24 UTC 2020


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issues:
 > - (9.11.18) DNS rebinding protection was ineffective when BIND 9 is
 >   configured as a forwarding DNS server.  Found and responsibly reported by
 >   Tobias Klein.  [GL #1574]

 > - (9.11.19) To prevent exhaustion of server resources by a maliciously
 >   configured domain, the number of recursive queries that can be triggered
 >   by a request before aborting recursion has been further limited.  Root and
 >   top-level domain servers are no longer exempt from the
 >   max-recursion-queries limit.  Fetches for missing name server address
 >   records are limited to 4 for any domain.  This issue was disclosed in
 >   CVE-2020-8616.  [GL #1388]

 > - (9.11.19) Replaying a TSIG BADTIME response as a request could trigger an
 >   assertion failure.  This was disclosed in CVE-2020-8617.  [GL #1703]

 > Also update the COPYRIGHT hash for a change of copyright year and adjust the
 > spacing for the new agreements.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list