mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 22:45:39 +00:00
Code Issues Releases Wiki Activity

Add CHANGES and release notes for [GL #3619]

Browse Source
This commit is contained in:
Aram Sargsyan
2022-11-14 12:30:49 +00:00
committed by Michał Kępień
parent ec2098ca35
commit d08a478b42
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,4 +1,5 @@
6067. [placeholder] 6067. [security] Fix serve-stale crash when recursive clients soft quota
is reached. (CVE-2022-3924) [GL #3619]
6066. [security] Handle RRSIG lookups when serve-stale is active. 6066. [security] Handle RRSIG lookups when serve-stale is active.
(CVE-2022-3736) [GL #3622] (CVE-2022-3736) [GL #3622]

9
doc/notes/notes-current.rst
View File

@@ -32,6 +32,15 @@ Security Fixes
Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to
our attention. :gl:`#3622` our attention. :gl:`#3622`
- :iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
(CVE-2022-3924)
ISC would like to thank Maksym Odinintsev from AWS for bringing this
vulnerability to our attention. :gl:`#3619`
New Features New Features
~~~~~~~~~~~~ ~~~~~~~~~~~~