[Buildroot] [PATCH] package/bind: security bump to version 9.11.28
Peter Korsgaard
peter at korsgaard.com
Mon Feb 22 13:35:46 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issue:
> - CVE-2020-8625: When tkey-gssapi-keytab or tkey-gssapi-credential was
> configured, a specially crafted GSS-TSIG query could cause a buffer
> overflow in the ISC implementation of SPNEGO (a protocol enabling
> negotiation of the security mechanism to use for GSSAPI authentication).
> This flaw could be exploited to crash named. Theoretically, it also
> enabled remote code execution, but achieving the latter is very difficult
> in real-world conditions
> For details, see the advisory:
> https://kb.isc.org/docs/cve-2020-8625
> In addition, 9.11.26-27 fixed a number of issues, see the release notes for
> details:
> https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html
> Drop now upstreamed patches, update the GPG key for the 2021-2022 variant
> and update the COPYRIGHT hash for a change of year:
> -Copyright (C) 1996-2020 Internet Systems Consortium, Inc. ("ISC")
> +Copyright (C) 1996-2021 Internet Systems Consortium, Inc. ("ISC")
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list