]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 6a41fa3 4fb662a)
fix: usr: Check that an NSEC signer is at or above the name to be validated
authorEvan Hunt <each@isc.org>
Wed, 24 Jun 2026 21:04:20 +0000 (21:04 +0000)
committerEvan Hunt <each@isc.org>
Wed, 24 Jun 2026 21:04:20 +0000 (21:04 +0000)
Add a check that an NSEC record being used as a proof of nonexistence
for a given name is not signed by a name lower in the DNS hierarchy than
the one in question.

Closes #5876

Merge branch '5876-nsec-signer-above-name' into 'main'

See merge request isc-projects/bind9!12272


Trivial merge
Mirror of https://gitlab.isc.org/isc-projects/bind9.git