kumquat-buildroot/package/bind
Peter Korsgaard a0c53973f8 bind: security bump to version 9.11.1-P2
Fixes the following security issues:

CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone
transfers

An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name may be able to
circumvent TSIG authentication of AXFR requests via a carefully constructed
request packet. A server that relies solely on TSIG keys for protection with
no other ACL protection could be manipulated into:

* providing an AXFR of a zone to an unauthorized recipient
* accepting bogus NOTIFY packets

https://kb.isc.org/article/AA-01504/74/CVE-2017-3142

CVE-2017-3041: An error in TSIG authentication can permit unauthorized dynamic
updates

An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name for the zone and service
being targeted may be able to manipulate BIND into accepting an unauthorized
dynamic update.

https://kb.isc.org/article/AA-01503/74/CVE-2017-3143

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-02 23:48:41 +02:00
..
0002-cross.patch
0003-Rename-ptrsize-to-ptr_size.patch
bind.hash bind: security bump to version 9.11.1-P2 2017-07-02 23:48:41 +02:00
bind.mk bind: security bump to version 9.11.1-P2 2017-07-02 23:48:41 +02:00
Config.in
named.service
S81named