NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6e000dba5f
kumquat-buildroot/package/bind/bind.hash
Fabrice Fontaine 54f6e1f81f package/bind: security bump to version 9.16.44 
Fix CVE-2023-3341: The code that processes control channel messages sent
to `named` calls certain functions recursively during packet parsing.
Recursion depth is only limited by the maximum accepted packet size;
depending on the environment, this may cause the packet-parsing code to
run out of available stack memory, causing `named` to terminate
unexpectedly. Since each incoming control channel message is fully
parsed before its contents are authenticated, exploiting this flaw does
not require the attacker to hold a valid RNDC key; only network access
to the control channel's configured TCP port is necessary. This issue
affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18,
9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1
through 9.18.18-S1.

https://ftp.isc.org/isc/bind9/9.16.44/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-28 11:26:19 +02:00

5 lines
308 B
Plaintext
Raw Blame History

# Verified from https://ftp.isc.org/isc/bind9/9.16.44/bind-9.16.44.tar.xz.asc
# with key AADBBA5074F1402F7B69D56BC5B4EE931A9F9DFD
sha256 cfaa953c36d5ca42d9584fcf9653d07c85527b59687e7c4d4cb8071272db6754 bind-9.16.44.tar.xz
sha256 13491a682dc0f5ee2273cebd3949e2be62f9470fe659419a03a308d4f444773b COPYRIGHT
Reference in New Issue View Git Blame Copy Permalink