]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: c49ee79 14e2999)
[CVE-2025-13878] sec: usr: Fix incorrect length checks for BRID and HHIT records
authorNicki Křížek <nicki@isc.org>
Thu, 8 Jan 2026 11:32:38 +0000 (12:32 +0100)
committerNicki Křížek <nicki@isc.org>
Thu, 8 Jan 2026 11:32:38 +0000 (12:32 +0100)
commit7bf83f69a80bdc6094c2adee3595e28b1b3e19ea
treeb50ece25e73bd3bac724f19b24293cd857f0b869tree | snapshot
parentc49ee7907d87d0e60d2e8a08b34917ec0b94b2b1commit | diff
parent14e299995f8f1dd8faeb7c5395a5a0c12b0f43f4commit | diff
[CVE-2025-13878] sec: usr: Fix incorrect length checks for BRID and HHIT records

Malformed BRID and HHIT records could trigger an assertion failure. This has been fixed.

ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing
this vulnerability to our attention.

Closes isc-projects/bind9#5616

Merge branch '5616-confidential-brid-hhit-towire' into 'v9.21.17-release'

See merge request isc-private/bind9!876
Mirror of https://gitlab.isc.org/isc-projects/bind9.git