ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,381 Commits 589 Branches 805 Tags
de7ba81cb4e777282827deb06fe7113a852635b5
Commit Graph

4863 Commits

Author SHA1 Message Date
Tinderbox User
29904d0564 regenerate 2015-08-25 21:41:54 +00:00
Tinderbox User
f9ce0f83a4 regen v9_10 2015-08-25 20:48:29 +00:00
Evan Hunt
cf954d24ba [v9_10] relnotes 2015-08-25 13:34:34 -07:00
Tinderbox User
40130c37fc regen v9_10 2015-08-16 01:09:43 +00:00
Evan Hunt
42802dd2e8 [v9_10] fix the o umlaut for HTML and TXT too 2015-08-14 19:58:12 -07:00
Tinderbox User
b23d24228a regen v9_10 2015-08-14 01:09:03 +00:00
Tinderbox User
0333f3462e update copyright notice / whitespace 2015-08-13 23:45:54 +00:00
Evan Hunt
96f318b0c6 [v9_10] add CVE number 2015-08-13 15:31:15 -07:00
Tinderbox User
6a6990e4f1 document omlaut 
(cherry picked from commit f619a2035b)
 2015-08-14 06:45:16 +10:00
Tinderbox User
d3ba0ffc90 support umlaut 'o' 
(cherry picked from commit a73d9c0b4d)
 2015-08-14 05:52:16 +10:00
Evan Hunt
aaa8c27733 [v9_10] xml doesn't define ö 2015-08-12 18:16:38 -07:00
Evan Hunt
a51bed6650 [v9_10] fix length check in OPENPGPKEY 
4170.	[security]	An incorrect boundary check in the OPENPGPKEY
			rdatatype could trigger an assertion failure.
			[RT #40286]
 2015-08-11 20:02:39 -07:00
Tinderbox User
cd7459a034 regen v9_10 2015-08-08 01:11:49 +00:00
Evan Hunt
7163ce122d [v9_10] address buffer accounting error 
4168.	[security]	A buffer accounting error could trigger an
			assertion failure when parsing certain malformed
			DNSSEC keys. (CVE-2015-5722) [RT #40212]

(cherry picked from commit ce9f893e21)
 2015-08-07 13:23:03 -07:00
Tinderbox User
c0dc39d84d regen v9_10 2015-08-07 01:10:56 +00:00
Evan Hunt
5d1a343762 [v9_10] remove spurious "None" 2015-08-06 14:16:55 -07:00
Evan Hunt
d9417d8311 [v9_10] revert incorrect 'correction' 2015-08-05 12:15:39 -07:00
Tinderbox User
61459501d6 regen v9_10 2015-08-01 01:11:08 +00:00
Evan Hunt
be4ececeb0 [v9_10] corrected relnotes -- assertion in name.c not message.c 2015-07-31 12:03:44 -07:00
Tinderbox User
1767227885 regenerate 2015-07-31 07:18:29 +00:00
Tinderbox User
5a6ce6c0a8 regen v9_10 2015-07-31 07:16:42 +00:00
Tinderbox User
01843e9a88 regen v9_10 2015-07-24 01:08:49 +00:00
Mark Andrews
fa25ae3d4d whitespace 2015-07-23 19:52:07 +10:00
Tinderbox User
5d5fe61534 regen v9_10 2015-07-21 01:09:02 +00:00
Evan Hunt
c41d5c2d5d [v9_10] remove accidentally duplicated section on clients-per-query 2015-07-20 15:28:17 -07:00
Tinderbox User
d7707ba51f regen v9_10 2015-07-15 01:08:44 +00:00
Mark Andrews
fba94b205b add CVE-2015-5477 2015-07-15 07:55:52 +10:00
Tinderbox User
877ef1db24 regen v9_10 2015-07-11 01:10:45 +00:00
Tinderbox User
1abf201343 regen v9_10 2015-07-10 01:08:50 +00:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:55:31 -07:00
Tinderbox User
4b6accc40b regen v9_10 2015-07-08 01:08:43 +00:00
Mark Andrews
bb7971417a 4157. [protocol] Update experimental SIT code to use the EDNS COOKIE 
option code point (10).  This is the minimal change
                        required to use the new code point. [RT #39928]
 2015-07-07 15:43:04 +10:00
Tinderbox User
42792e6b2a regen v9_10 2015-06-25 01:08:51 +00:00
Mark Andrews
be4b9178f0 4143. [bug] serial-query-rate was not effective for notify. 
[RT #39858]
 2015-06-24 20:54:56 +10:00
Tinderbox User
c024374dd3 regen v9_10 2015-06-20 01:11:19 +00:00
Witold Krecicki
2e02ab4e50 fix rpz-client-ip documentation [RT #39783] 2015-06-19 10:26:04 +02:00
Tinderbox User
73f14fb2bc regen v9_10 2015-06-19 01:09:14 +00:00
Mukund Sivaraman
f38cbc4cc9 Add comma 
(cherry picked from commit f4d1c19691)
 2015-06-17 12:26:14 +05:30
Mark Andrews
48f85bd5a2 add release notes for CVE-2015-4620 
(cherry picked from commit 572e95f52a)
 2015-06-17 11:20:44 +10:00
Tinderbox User
6b3a82832c regen v9_10 2015-06-06 01:12:12 +00:00
Tinderbox User
889f1723d0 Merge branch 'v9_10' of ssh://repo.isc.org/proj/git/prod/bind9 into v9_10 2015-06-06 01:07:33 +00:00
Mark Andrews
1f0e687cfa update rpz doc as per rt39703 
(cherry picked from commit 94f7158d44)
 2015-06-05 11:14:38 +10:00
Tinderbox User
3851d4137f regen v9_10 2015-06-05 01:08:54 +00:00
Evan Hunt
f89d03dc9e [v9_10] further RPZ fixes 
4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]
 2015-06-03 18:19:19 -07:00
Tinderbox User
2ce9b9310a regen v9_10 2015-05-29 01:08:42 +00:00
Tinderbox User
b3623d80ab update copyright notice / whitespace 2015-05-28 23:45:50 +00:00
Tinderbox User
1d6dbadbc4 regen v9_10 2015-05-28 01:08:38 +00:00
Mark Andrews
d8161b8756 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing 
key as per RFC 7344, Section 4.1. [RT #37215]

(cherry picked from commit 598b502695)
 2015-05-27 15:36:55 +10:00
Tinderbox User
5fd8115e3f regen v9_10 2015-05-23 01:09:48 +00:00
Evan Hunt
1f71e84ce5 [v9_10] fix tags 2015-05-21 14:29:28 -07:00