ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Add CHANGES and release note for GL #1996

Browse Source
This commit is contained in:
Ondřej Surý
2020-07-31 09:39:46 +02:00
committed by Michał Kępień
parent 9a372f2bce
commit 9d69ee740f
2 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -10,6 +10,10 @@
system, but the Duplicate Address Detection (DAD)
mechanism had not yet finished. [GL #2038]
5478. [security] It was possible to trigger an assertion failure by
sending a specially crafted large TCP DNS message.
(CVE-2020-8620) [GL #1996]
5477. [bug] The idle timeout for connected TCP sockets is now
derived from the client query processing timeout
configured for a resolver. [GL #2024]

6
doc/notes/notes-current.rst
View File

@@ -14,7 +14,11 @@ Notes for BIND 9.16.6
Security Fixes
~~~~~~~~~~~~~~
- None.
- It was possible to trigger an assertion failure by sending a specially
crafted large TCP DNS message. This was disclosed in CVE-2020-8620.
ISC would like to thank Emanuel Almeida of Cisco Systems, Inc. for
bringing this vulnerability to our attention. [GL #1996]
Known Issues
~~~~~~~~~~~~