projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c2d5b6d) | patch
bind: update to 9.18.11
authorNoah Meyerhans <frodo@morgul.net>
Thu, 26 Jan 2023 18:45:55 +0000 (10:45 -0800)
committerHannu Nyman <hannu.nyman@iki.fi>
Sat, 28 Jan 2023 07:47:09 +0000 (09:47 +0200)
commit47fcec43abedab5c409259db1ac14c1ccc86bd02
treed1454208cf8eacdbb9a0b8912efd4d8f2c21eafbtree | snapshot
parentc2d5b6de78ccfeea23381f93bd320dbd04d637c8commit | diff
bind: update to 9.18.11

Fixes CVEs:
      - CVE-2022-3924: Fix serve-stale crash when recursive clients
      soft quota is reached.
      - CVE-2022-3736: Handle RRSIG lookups when serve-stale is
      active.
      - CVE-2022-3094: An UPDATE message flood could cause named to
      exhaust all available memory. This flaw was addressed by adding
      a new "update-quota" statement that controls the number of
      simultaneous UPDATE messages that can be processed or
      forwarded. The default is 100. A stats counter has been added to
      record events when the update quota is exceeded, and the XML and
      JSON statistics version numbers have been updated.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
net/bind/Makefile diff | blob | history
Mirror of packages feed