Commit Graph

241 Commits

Author SHA1 Message Date
Ondřej Surý
5e88bf24f7 Update documentation to remove obsolete bind9-bugs@isc.org email address
(cherry picked from commit efc9bc5d8d)
(cherry picked from commit 486e79050f)
(cherry picked from commit 292d6c8a5b)
2018-03-08 10:42:40 -08:00
Evan Hunt
f8d31691b5 [v9_9] add missing release note, update README 2018-02-17 20:04:13 -08:00
Evan Hunt
00947bf45d [v9_9] prep 9.9.12b1 2018-01-24 10:15:30 -08:00
Tinderbox User
dce370c959 regen v9_9 2017-12-21 01:41:40 +00:00
Tinderbox User
0cfdad53dc regen v9_9 2017-12-16 01:47:39 +00:00
Evan Hunt
0d0b16c1f5 [v9_9] README and relnote fixes
(cherry picked from commit 30419509dd)
(cherry picked from commit e609b6b32b)
(cherry picked from commit 04f334e4b0)
2017-10-17 13:53:21 -07:00
Evan Hunt
67a70cde7e [v9_9] correct the license info 2017-09-19 13:00:31 -07:00
Evan Hunt
a3f30d1aac [v9_9] address TSIG bypass/forgery vulnerabilities
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]

(cherry picked from commit 581c1526ab)
(cherry picked from commit a03f4b1ea4)
2017-06-27 11:41:31 -07:00
Evan Hunt
ef0f8427a2 [v9_9] quote service registry paths
4532.	[security]	The BIND installer on Windows used an unquoted
                        service path, which can enable privilege escalation.
			(CVE-2017-3141) [RT #45229]

(cherry picked from commit 967a3b9419)
(cherry picked from commit c28e44f3f8)
2017-05-30 13:39:28 -07:00
Evan Hunt
10f80ef83a [v9_9] fix rpz formerr loop
4531.	[security]	Some RPZ configurations could go into an infinite
			query loop when encountering responses with TTL=0.
			(CVE-2017-3140) [RT #45181]

(cherry picked from commit 3440cf9c60)
(cherry picked from commit a57b289ed0)
2017-05-30 12:43:57 -07:00
Evan Hunt
02cb20760b [v9_9] change markdown comment style for pandoc 2017-04-27 23:44:39 -07:00
Tinderbox User
db6190e6ca regen v9_9 2017-04-26 23:46:04 +00:00
Tinderbox User
27ce6c57d3 regen v9_9 2017-04-25 01:22:11 +00:00
Evan Hunt
96762fdd4c [v9_9] allow parallel make
4609.	[cleanup]	Rearrange makefiles to enable parallel execution
			(i.e. "make -j"). [RT #45078]
2017-04-23 23:04:56 -07:00
Tinderbox User
1966cf8c5e regen v9_9 2017-04-23 01:21:17 +00:00
Evan Hunt
4bb6e3f63e [v9_9] remove references to compile options that aren't in 9.9 2017-04-20 20:15:51 -07:00
Evan Hunt
6f90648dbd [v9_9] update README, remove FAQ
4593.	[doc]		Update README using markdown, remove outdated FAQ
			file in favor of the knowledge base.
2017-04-20 19:50:55 -07:00
Evan Hunt
1398f719a6 [v9_9] prep 9.9.10 2017-04-13 20:44:50 -07:00
Mark Andrews
da4d56894c fix version number 2017-02-27 16:18:20 +11:00
Evan Hunt
fcf1874867 [v9_9] remove unnecessary INSIST and prep 9.11.1rc2
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]

(cherry picked from commit a1365a0042)
(cherry picked from commit 559cbe04e7)
2017-02-23 15:26:55 -08:00
Mark Andrews
14d680e3bc 9.9.10; copyrights 2017-02-16 12:41:30 +11:00
Evan Hunt
b4a0711e17 [v9_9] prep 9.9.10rc1 2017-02-04 22:36:23 -08:00
Evan Hunt
035e660ca5 [v9_9] README 2016-12-28 20:42:36 -08:00
Mark Andrews
d372472f60 4508. [security] Named incorrectly tried to cache TKEY records which
could trigger a assertion failure when there was
                            a class mismatch. (CVE-2016-9131) [RT #43522]

(cherry picked from commit 2c1c4b99a1)
2016-12-29 11:35:54 +11:00
Mark Andrews
964e19cea8 4497. [port] Add support for OpenSSL 1.1.0. [RT #41284] 2016-11-09 09:59:32 +11:00
Mark Andrews
e1570b4fc0 add CVE-2016-2776 2016-09-09 11:41:41 +10:00
Mark Andrews
d05f0b2479 add CVE-2016-2775 2016-07-12 01:19:20 +10:00
Mark Andrews
5d2ab9b4b4 document python requirements 2016-05-26 15:41:24 +10:00
Jeremy C. Reed
34c9083464 fix two spelling typos 2016-03-08 08:49:37 -05:00
Mark Andrews
44982ad2fb add CVE-2016-1286 2016-02-24 13:13:27 +11:00
Evan Hunt
b63bcfa9f5 [v9_9] add [performance] 2016-02-01 09:52:57 -08:00
Mark Andrews
eab11c6f0e add CVE-2015-8000 2015-11-17 15:30:12 +11:00
Evan Hunt
0fd8edc3c7 [v9_9] add CVE number 2015-08-13 15:31:39 -07:00
Evan Hunt
0d83784a75 [v9_9] address buffer accounting error
4168.	[security]	A buffer accounting error could trigger an
			assertion failure when parsing certain malformed
			DNSSEC keys. (CVE-2015-5722) [RT #40212]

(cherry picked from commit ce9f893e21)
2015-08-07 13:22:40 -07:00
Evan Hunt
de476c9f4d [v9_9] add fetchlimit to README 2015-08-03 12:54:01 -07:00
Mark Andrews
3fa6d28ea3 add CVE-2015-5477 2015-07-15 08:01:11 +10:00
Mark Andrews
f31f3bf055 add CVE-2015-1349 2015-02-11 16:39:56 +11:00
Evan Hunt
fee6ad726f [v9_9] prep 9.9.7b1 2014-12-18 13:50:42 -08:00
Evan Hunt
ea4e9ef83b [v9_9] update contact info in README and confiure --help 2014-09-16 12:27:20 -07:00
Mark Andrews
7851096a62 Revert "add CVE-2014-3859"
This reverts commit fb4d84ce2b.
2014-05-27 12:30:01 +10:00
Mark Andrews
fb4d84ce2b add CVE-2014-3859 2014-05-26 13:14:08 +10:00
Evan Hunt
2d9abcc1d2 [v9_9] update README 2014-02-06 22:52:51 -08:00
Evan Hunt
488819e99d [v9_9] add description of [contrib] 2014-02-05 14:55:06 -08:00
Evan Hunt
d3cc34243f [v9_9] explain [placeholder] 2014-02-05 09:25:28 -08:00
Evan Hunt
edd0fc4596 [v9_9] add CVE details; marked 3656 as [security] 2014-01-13 14:56:32 -08:00
Evan Hunt
94a726d4b7 [v9_9] prep 9.9.5rc1 2014-01-10 09:20:32 -08:00
Evan Hunt
61210f6d39 README formatting 2013-12-11 20:04:10 -08:00
Evan Hunt
b80e110dae [v9_9] prepare 9.9.5b1 2013-12-10 17:17:55 -08:00
Mark Andrews
b7f64bab54 [master] clarify case preservation feature
(cherry picked from commit dc3ac7e79a)
2013-09-18 16:10:50 +10:00
Mark Andrews
8cf6ba817a document case sensitive responses
(cherry picked from commit ca9bf8644a)
2013-09-18 16:09:32 +10:00