| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
use this as a work area for 9.3.* imports for stable branches.
Notes:
svn path=/vendor/bind9/dist-9.3/; revision=180458
|
| |
|
|
| |
Notes:
svn path=/vendor/bind9/dist/; revision=165071
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
announced by ISC dated 31 October (delivered via e-mail to the
bind-announce@isc.org list on 2 November):
Description:
Because of OpenSSL's recently announced vulnerabilities
(CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named,
we are announcing this workaround and releasing patches. A proof of
concept attack on OpenSSL has been demonstrated for CAN-2006-4339.
OpenSSL is required to use DNSSEC with BIND.
Fix for version 9.3.2-P1 and lower:
Upgrade to BIND 9.3.2-P2, then generate new RSASHA1 and
RSAMD5 keys for all old keys using the old default exponent
and perform a key rollover to these new keys.
These versions also change the default RSA exponent to be
65537 which is not vulnerable to the attacks described in
CAN-2006-4339.
Notes:
svn path=/vendor/bind9/dist/; revision=163976
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vulnerabilities:
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
2066. [security] Handle SIG queries gracefully. [RT #16300]
http://www.kb.cert.org/vuls/id/697164
1941. [bug] ncache_adderesult() should set eresult even if no
rdataset is passed to it. [RT #15642]
All users of BIND 9 are encouraged to upgrade to this version.
Notes:
svn path=/vendor/bind9/dist/; revision=162079
|
| |
|
|
| |
Notes:
svn path=/vendor/bind9/dist/; revision=153816
|
|
|
Notes:
svn path=/vendor/bind9/dist/; revision=135446
|
