mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
3d7f409cba
For details see: https://ftp.isc.org/isc/bind9/9.11.0-P2/RELEASE-NOTES-bind-9.11.0-P2.html "BIND 9.11.0-P2 addresses the security issues described in CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 and CVE-2016-9778. ... Security Fixes A coding error in the nxdomain-redirect feature could lead to an assertion failure if the redirection namespace was served from a local authoritative data source such as a local zone or a DLZ instead of via recursive lookup. This flaw is disclosed in CVE-2016-9778. [RT Named could mishandle authority sections that were missing RRSIGs triggering an assertion failure. This flaw is disclosed in CVE-2016-9444. [RT # 43632] Named mishandled some responses where covering RRSIG records are returned without the requested data resulting in a assertion failure. This flaw is disclosed in CVE-2016-9147. [RT #43548] Named incorrectly tried to cache TKEY records which could trigger a assertion failure when there was a class mismatch. This flaw is disclosed in CVE-2016-9131. [RT #43522] It was possible to trigger assertions when processing a response. This flaw is disclosed in CVE-2016-8864. [RT #43465]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>