89a5d21627
Fixes the following security issues: - (9.11.18) DNS rebinding protection was ineffective when BIND 9 is configured as a forwarding DNS server. Found and responsibly reported by Tobias Klein. [GL #1574] - (9.11.19) To prevent exhaustion of server resources by a maliciously configured domain, the number of recursive queries that can be triggered by a request before aborting recursion has been further limited. Root and top-level domain servers are no longer exempt from the max-recursion-queries limit. Fetches for missing name server address records are limited to 4 for any domain. This issue was disclosed in CVE-2020-8616. [GL #1388] - (9.11.19) Replaying a TSIG BADTIME response as a request could trigger an assertion failure. This was disclosed in CVE-2020-8617. [GL #1703] Also update the COPYRIGHT hash for a change of copyright year and adjust the spacing for the new agreements. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-cross.patch | ||
| bind.hash | ||
| bind.mk | ||
| Config.in | ||
| named.service | ||
| S81named | ||