diff options
author | spz <spz@pkgsrc.org> | 2010-01-21 19:42:16 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2010-01-21 19:42:16 +0000 |
commit | db2414ddb5c8a14b91cfaf151ae72fb0601dff78 (patch) | |
tree | 111ac6d3318fb0d33cd5de53a868243f33f03462 /comms/xisp | |
parent | 9bd3f726fd61298a8f4e150dfee30cf185ede76c (diff) | |
download | pkgsrc-db2414ddb5c8a14b91cfaf151ae72fb0601dff78.tar.gz |
security update:
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
Diffstat (limited to 'comms/xisp')
0 files changed, 0 insertions, 0 deletions