Evan Hunt
835485d6a7
[v9_9] formatting
...
(cherry picked from commit 52e398c0af )
2017-04-12 14:06:18 -07:00
Mark Andrews
91adc7a4da
add CVE-2017-3138
...
(cherry picked from commit fe1ad70e51 )
2017-03-30 02:57:16 +11:00
Evan Hunt
fcf1874867
[v9_9] remove unnecessary INSIST and prep 9.11.1rc2
...
4578. [security] Some chaining (CNAME or DNAME) responses to upstream
queries could trigger assertion failures.
(CVE-2017-3137) [RT #44734 ]
(cherry picked from commit a1365a0042 )
(cherry picked from commit 559cbe04e7 )
2017-02-23 15:26:55 -08:00
Mark Andrews
52e42f648b
add CVE-2017-3136 note
...
(cherry picked from commit d77eadc261 )
2017-02-15 12:45:20 +11:00
Evan Hunt
02f0aa2ed3
[v9_9] doc style
2017-02-07 08:19:39 -08:00
Evan Hunt
0220addcca
[v9_9] removed extra note about bind.keys update
2017-02-06 14:19:39 -08:00
Evan Hunt
3b1b532d66
[v9_9] release note about new root key
2017-02-04 22:16:06 -08:00
Mark Andrews
07f8c99017
new root KSK
2017-02-02 18:30:20 +11:00
Evan Hunt
a6bae6d52c
[v9_9] change 4558 was incomplete
...
(cherry picked from commit cd668ea57f )
2017-01-30 14:11:30 -08:00
Evan Hunt
4474e3aca7
[v9_9] expand relnote
...
(cherry picked from commit afa0ff0cbb )
2017-01-23 20:05:13 -08:00
Mark Andrews
4b843e0cc8
4556. [security] Combining dns64 and rpz can result in dereferencing
...
a NULL pointer (read). (CVE-2017-3135) [RT#44434]
(cherry picked from commit 5abe80ef13 )
2017-01-24 09:56:20 +11:00
Tinderbox User
0ed649b6e5
update copyright notice / whitespace
2017-01-12 23:48:25 +00:00
Mark Andrews
ab9537f521
4553. [bug] Named could deadlock there were multiple changes to
...
NSEC/NSEC3 parameters for a zone being processed at
the same time. [RT #42770 ]
(cherry picked from commit d2e1b47d4f )
2017-01-12 14:26:17 +11:00
Mark Andrews
72a50181d2
4552. [bug] Named could trigger a assertion when sending notify
...
messages. [RT #44019 ]
(cherry picked from commit 42924b40af )
2017-01-12 14:20:18 +11:00
Evan Hunt
4e8f6de3dd
[v9_9] release notes
2016-12-28 20:10:52 -08:00
Mark Andrews
d372472f60
4508. [security] Named incorrectly tried to cache TKEY records which
...
could trigger a assertion failure when there was
a class mismatch. (CVE-2016-9131) [RT #43522 ]
(cherry picked from commit 2c1c4b99a1 )
2016-12-29 11:35:54 +11:00
Evan Hunt
81a5785611
[v9_9] release notes
2016-12-28 13:54:44 -08:00
Mark Andrews
3cf6fa831e
4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831 ]
...
(cherry picked from commit 1b8ce3b330 )
2016-12-07 11:00:40 +11:00
Mark Andrews
51fe40fd59
4504. [security] Allow the maximum number of records in a zone to
...
be specified. This provides a control for issues
raised in CVE-2016-6170. [RT #42143 ]
(cherry picked from commit 5f8412a4cb )
2016-11-03 10:46:37 +11:00
Mark Andrews
fa1f25ce83
add CVE-2016-2776
2016-09-09 11:53:18 +10:00
Mark Andrews
00e7b6dcca
grammar
...
(cherry picked from commit 8f7881684b )
2016-07-14 09:43:04 +10:00
Mark Andrews
e0f5ce3bad
add [RT #42694 ]
2016-07-13 11:36:13 +10:00
Mark Andrews
eca42d74ef
whitespace
2016-07-13 11:25:32 +10:00
Mark Andrews
d05f0b2479
add CVE-2016-2775
2016-07-12 01:19:20 +10:00
Mark Andrews
8491339284
add note for rt42694
...
(cherry picked from commit aacf0753e9 )
2016-07-07 13:55:57 +10:00
Evan Hunt
08da9c0bc0
[v9_9] spelling
2016-05-25 18:45:49 -07:00
Evan Hunt
767c85f45a
[v9_9] extend release notes
2016-05-25 18:43:56 -07:00
Evan Hunt
d5ebc757a6
[v9_9] log message when using ISC DLV
...
4352. [cleanup] The ISC DNSSEC Lookaside Validation (DLV) service
is scheduled to be disabled in 2017. A warning is
now logged when named is configured to use it,
either explicitly or via "dnssec-lookaside auto;"
[RT #42207 ]
2016-05-04 14:40:17 -07:00
Tinderbox User
046e66c891
update copyright notice / whitespace
2016-03-30 23:45:53 +00:00
Jeremy C. Reed
a2f067c7b5
[v9_9] some release notes updates
...
mention that the document summarizes "significant" changes
since obviously it misses a lot.
Also refer to the CHANGES file.
Added a few bugs. Wording some discussed via email, phone call, and jabber.
2016-03-30 13:36:55 -04:00
Evan Hunt
7d5c94236b
[v9_9] more release note corrections
2016-03-24 16:40:54 -07:00
Evan Hunt
7e76a21929
[v9_9] fixes for release notes
2016-03-24 14:43:05 -07:00
Mark Andrews
ef0a86dfad
note rrsig regeneration
...
(cherry picked from commit 98c5690bd9 )
2016-03-11 12:28:11 +11:00
Jeremy C. Reed
4943482c81
minor updates and a typo fix
...
mention SMIMEA, new contrib, and named -V
2016-03-08 08:52:45 -05:00
Mark Andrews
c85aaaaf17
9.9.9b1
2016-03-08 16:14:23 +11:00
Mark Andrews
cb3e40e655
add AVC
2016-03-04 18:17:39 +11:00
Evan Hunt
b5957e6c2d
[v9_9] recursively clean empty interior nodes when deleting database records
...
4324. [bug] When deleting records from a zone database, interior
nodes could be left empty but not deleted, damaging
search performance afterward. [RT #40997 ]
(cherry picked from commit 44c86318ed )
(cherry picked from commit db06cd726c )
2016-03-03 21:19:59 -08:00
Mark Andrews
885b3a09f2
re-order security list into reverse order
2016-02-29 12:47:03 +11:00
Mukund Sivaraman
76c3c9fe9f
Fix resolver assertion failure due to improper DNAME handling (CVE-2016-1286) ( #41753 )
...
(cherry picked from commit 5995fec51c )
(cherry picked from commit 456e1eadd2 )
2016-02-22 12:25:46 +05:30
Mark Andrews
31e4657cf2
4318. [security] Malformed control messages can trigger assertions
...
in named and rndc. (CVE-2016-1285) [RT #41666 ]
(cherry picked from commit a2b15b3305 )
2016-02-18 12:18:00 +11:00
Evan Hunt
b23d9e68e9
[v9_9] remove reporter's name per his request
2016-01-29 10:36:17 -08:00
Evan Hunt
e1997cc26e
[v9_9] update EOL date
2016-01-27 12:08:08 -08:00
Evan Hunt
75214d0c59
[v9_9] fix use after free on xfr timeout
...
4289. [bug] The server could crash due to memory being used
after it was freed if a zone transfer timed out.
[RT #41297 ]
2016-01-04 22:06:35 -08:00
Evan Hunt
97efa261cb
[v9_9] Merge branch 'v9_9' of ssh://repo/proj/git/prod/bind9 into v9_9
2016-01-04 16:10:15 -08:00
Evan Hunt
f6ab9b3a28
[v9_9] fixed bogus server regression
...
4288. [bug] Fixed a regression in resolver.c:possibly_mark()
which caused known-bogus servers to be queried
anyway. [RT #41321 ]
2016-01-04 16:06:27 -08:00
Evan Hunt
7128c44787
[v9_9] clean up relnotes to include only things added since 9.9.8
2016-01-04 16:05:44 -08:00
Tinderbox User
c40fa54eab
update copyright notice / whitespace
2016-01-04 23:46:16 +00:00
Evan Hunt
717129f35a
[v9_9] clean up notes
2016-01-03 21:23:52 -08:00
Mark Andrews
435ab2044a
4285. [security] Specific APL data could trigger a INSIST.
...
(CVE-2015-8704) [RT #41396 ]
(cherry picked from commit 1b3d211802 )
2015-12-31 13:47:08 +11:00
Mukund Sivaraman
15faf2a1fd
Update notes.xml for #40996
...
(cherry picked from commit 6960e7fd12 )
(cherry picked from commit f2d05dbb6f )
2015-12-15 18:07:37 +05:30