ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

4260. [security] Insufficient testing when parsing a message allowed

Browse Source 
records with an incorrect class to be be accepted,
                        triggering a REQUIRE failure when those records
                        were subsequently cached. (CVE-2015-8000) [RT #4098]

(cherry picked from commit c8821d124c)
This commit is contained in:
Mark Andrews
2015-11-16 13:12:20 +11:00
parent c8a643d37a
commit 3a4c24c4a5
8 changed files with 83 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
doc/arm/notes.xml
View File

@@ -40,6 +40,15 @@
<section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
<itemizedlist>
<listitem>
<para>
Insufficient testing when parsing a message allowed
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. This flaw is disclosed
in CVE-2015-8000. [RT #4098]
</para>
</listitem>
<listitem>
<para>
An incorrect boundary check in the OPENPGPKEY rdatatype