diff options
| author | taca <taca@pkgsrc.org> | 2014-12-08 21:59:09 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2014-12-08 21:59:09 +0000 |
| commit | 8d1c6e3e0ca3456e49230beb140144fc6d6b71b4 (patch) | |
| tree | fab5839e6d8df0bda3112fbf811e2056dc0213d4 /wm | |
| parent | f9962b54b359ee60b6e56b915ab84463466f2726 (diff) | |
| download | pkgsrc-8d1c6e3e0ca3456e49230beb140144fc6d6b71b4.tar.gz | |
Update bind910 to 9.10.1pl1 (BIND 9.10.1-P1).
--- 9.10.1-P1 released ---
4006. [security] A flaw in delegation handling could be exploited
to put named into an infinite loop. This has
been addressed by placing limits on the number
of levels of recursion named will allow (default 7),
and the number of iterative queries that it will
send (default 50) before terminating a recursive
query (CVE-2014-8500).
The recursion depth limit is configured via the
"max-recursion-depth" option, and the query limit
via the "max-recursion-queries" option. [RT #37580]
4003. [security] When geoip-directory was reconfigured during
named run-time, the previously loaded GeoIP
data could remain, potentially causing wrong
ACLs to be used or wrong results to be served
based on geolocation (CVE-2014-8680). [RT #37720]
4002. [security] Lookups in GeoIP databases that were not
loaded could cause an assertion failure
(CVE-2014-8680). [RT #37679]
4001. [security] The caching of GeoIP lookups did not always
handle address families correctly, potentially
resulting in an assertion failure (CVE-2014-8680).
[RT #37672]
Diffstat (limited to 'wm')
0 files changed, 0 insertions, 0 deletions