NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a8eef7d2e6
kumquat-buildroot/package/bind/bind.hash
Peter Korsgaard 6376decbda package/bind: security bump to version 9.11.28 
Fixes the following security issue:

- CVE-2020-8625: When tkey-gssapi-keytab or tkey-gssapi-credential was
  configured, a specially crafted GSS-TSIG query could cause a buffer
  overflow in the ISC implementation of SPNEGO (a protocol enabling
  negotiation of the security mechanism to use for GSSAPI authentication).
  This flaw could be exploited to crash named.  Theoretically, it also
  enabled remote code execution, but achieving the latter is very difficult
  in real-world conditions

For details, see the advisory:
https://kb.isc.org/docs/cve-2020-8625

In addition, 9.11.26-27 fixed a number of issues, see the release notes for
details:
https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html

Drop now upstreamed patches, update the GPG key for the 2021-2022 variant
and update the COPYRIGHT hash for a change of year:

-Copyright (C) 1996-2020  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 1996-2021  Internet Systems Consortium, Inc. ("ISC")

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-22 14:35:10 +01:00

5 lines
308 B
Plaintext
Raw Blame History

# Verified from https://ftp.isc.org/isc/bind9/9.11.28/bind-9.11.28.tar.gz.asc
# with key 2455774D42FDFE6B9C383EB8FE1002BC5970811F
sha256 1090cbe6caba37c404d1075887da7e5282ae9a2bc6172d722df15cd480975e74 bind-9.11.28.tar.gz
sha256 cad49daa42654bc241762cd998630168a2542c8fd6fad3881e2eac1510bb6fcd COPYRIGHT
Reference in New Issue View Git Blame Copy Permalink