mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-01 06:55:30 +00:00
Code Issues Releases Wiki Activity

Add release notes entry

Browse Source
This commit is contained in:
Mark Andrews
2020-03-31 17:22:15 +11:00
committed by Michał Kępień
parent 83965f70df
commit 7ea45838a9
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
doc/notes/notes-current.rst
View File

@@ -14,6 +14,14 @@ Notes for BIND 9.17.2
Security Fixes Security Fixes
~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~
- To prevent exhaustion of server resources by a maliciously configured
domain, the number of recursive queries that can be triggered by a
request before aborting recursion has been further limited. Root and
top-level domain servers are no longer exempt from the
``max-recursion-queries`` limit. Fetches for missing name server
address records are limited to 4 for any domain. This issue was
disclosed in CVE-2020-8616. [GL #1388]
- Replaying a TSIG BADTIME response as a request could trigger an - Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. This was disclosed in CVE-2020-8617. [GL #1703] assertion failure. This was disclosed in CVE-2020-8617. [GL #1703]