]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 282b0ed 88c31fd)
fix: usr: validate adb fetches
authorMark Andrews <marka@isc.org>
Mon, 3 Feb 2025 02:18:09 +0000 (02:18 +0000)
committerMark Andrews <marka@isc.org>
Mon, 3 Feb 2025 02:18:09 +0000 (02:18 +0000)
commitd9eb272b69093f3b0a761e4d2c395f013444cf74
tree134cad76a7b1243daf7cf116b0d5e5547547c290tree | snapshot
parent282b0ed51408033041cb5bbd83b1ea13dd284975commit | diff
parent88c31fdd52ceee43224b83847247057f8aecbf76commit | diff
fix: usr: validate adb fetches

ADB responses were not being validated, allowing spoofed responses to be accepted and used for further lookups. This should not be possible when the servers for the zone are in a signed zone, except with CD=1 requests or when glue is needed. This has been fixed.

Closes #5066

Merge branch '5066-validate-adb-fetches' into 'main'

See merge request isc-projects/bind9!10052
Mirror of https://gitlab.isc.org/isc-projects/bind9.git