37bb75f740
1. Very large RRSIG RRsets included in a negative cache can trigger an assertion failure that will crash named (BIND 9 DNS) due to an off-by-one error in a buffer size check. This bug affects all resolving name servers, whether DNSSEC validation is enabled or not, on all BIND versions prior to today. There is a possibility of malicious exploitation of this bug by remote users. 2. Named could fail to validate zones listed in a DLV that validated insecure without using DLV and had DS records in the parent zone. Add a patch provided by ru@ and confirmed by ISC to fix a crash at shutdown time when a SIG(0) key is being used.
11 lines
220 B
Plaintext
11 lines
220 B
Plaintext
# $Id: version,v 1.43.12.11.2.2.2.1 2011-05-27 00:19:16 each Exp $
|
|
#
|
|
# This file must follow /bin/sh rules. It is imported directly via
|
|
# configure.
|
|
#
|
|
MAJORVER=9
|
|
MINORVER=6
|
|
PATCHVER=
|
|
RELEASETYPE=-ESV
|
|
RELEASEVER=-R4-P1
|