]> git.ipfire.org Git - thirdparty/knot-resolver.git/commitdiff
projects / thirdparty / knot-resolver.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fb957a9)
Clarify conditions when invalid RRSIG can lead to AD=1 response
authorPetr Špaček <petr.spacek@nic.cz>
Mon, 6 Mar 2017 12:24:20 +0000 (13:24 +0100)
committerPetr Špaček <petr.spacek@nic.cz>
Mon, 6 Mar 2017 12:24:20 +0000 (13:24 +0100)
Further clarification of fb957a9b5593aaa46dcfddd9adb488cf898b4a45

NEWS patch | blob | blame | history

diff --git a/NEWS b/NEWS
index 5eb761c3ba2a8881c5e5bc16d81e1d3dfdc94560..07851ae66d2480a70882cb8094c8ceba3b77a4f4 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -4,7 +4,8 @@ Knot Resolver 1.2.4-dev (2017-03-XX)
 Security
 --------
 - Knot Resolver 1.2.0 and higher could return AD flag for insecure
-  answer, if the same answer was validated three or more times.
+  answer if the daemon received answer with invalid RRSIG several times
+  in a row.
 
 Improvements
 ------------
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git