]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 6a41fa3 4fb662a)
fix: usr: Check that an NSEC signer is at or above the name to be validated
authorEvan Hunt <each@isc.org>
Wed, 24 Jun 2026 21:04:20 +0000 (21:04 +0000)
committerEvan Hunt <each@isc.org>
Wed, 24 Jun 2026 21:04:20 +0000 (21:04 +0000)
commit89e57b45e024cf1600ca779e2075fd296882fac1
treea3ea13b56bedca03c42e6b979b232dfea5ff8234tree | snapshot
parent6a41fa3e9c7143c78844a5c8c5a623313419fca9commit | diff
parent4fb662a171e494f865047ed74e28000ab850881dcommit | diff
fix: usr: Check that an NSEC signer is at or above the name to be validated

Add a check that an NSEC record being used as a proof of nonexistence
for a given name is not signed by a name lower in the DNS hierarchy than
the one in question.

Closes #5876

Merge branch '5876-nsec-signer-above-name' into 'main'

See merge request isc-projects/bind9!12272
Mirror of https://gitlab.isc.org/isc-projects/bind9.git