: Log in!


ウェブ 検索
トップ  >  Linux17歩  >  2017-02-10 bind-9.11.0-P3にupdate
20170210 bind-9.11.0-P3にupdateしました

Release Notes for BIND Version 9.11.0-P3

Security Fixes

* If a server is configured with a response policy zone (RPZ) that
  rewrites an answer with local data, and is also configured for
  DNS64 address mapping, a NULL pointer can be read triggering a
  server crash. This flaw is disclosed in CVE-2017-3135. [RT #44434]
* A coding error in the nxdomain-redirect feature could lead to an
  assertion failure if the redirection namespace was served from a
  local authoritative data source such as a local zone or a DLZ
  instead of via recursive lookup. This flaw is disclosed in
  CVE-2016-9778. [RT #43837]
* named could mishandle authority sections with missing RRSIGs,
  triggering an assertion failure. This flaw is disclosed in
  CVE-2016-9444. [RT #43632]
* named mishandled some responses where covering RRSIG records were
  returned without the requested data, resulting in an assertion
  failure. This flaw is disclosed in CVE-2016-9147. [RT #43548]
* named incorrectly tried to cache TKEY records which could trigger
  an assertion failure when there was a class mismatch. This flaw is
  disclosed in CVE-2016-9131. [RT #43522]
* It was possible to trigger assertions when processing responses
  containing answers of type DNAME. This flaw is disclosed in
  CVE-2016-8864. [RT #43465]

New Features

* None.

Feature Changes

* None.

Porting Changes

* None.

Bug Fixes

* A synthesized CNAME record appearing in a response before the
  associated DNAME could be cached, when it should not have been.
  This was a regression introduced while addressing CVE-2016-8864.
  [RT #44318]
投票数:31 平均点:5.48
2017-02-08 openssl-1.0.2kにupdate
2017-02-25 lynis-2.4.2にupdate