3693. [security] memcpy was incorrectly called with overlapping
ranges resulting in malformed names being generated
on some platforms. This could cause INSIST failures
- when serving NSEC3 signed zones. [RT #35120]
+ when serving NSEC3 signed zones (CVE-2014-0591).
+ [RT #35120]
3692. [bug] Two calls to dns_db_getoriginnode were fatal if there
was no data at the node. [RT #35080]
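Review bot: In entry 3693 the added "(CVE-2014-0591)" is the only new information, so the entry still describes the impact only as "INSIST failures" on "some platforms". An operator triaging from CHANGES cannot tell from this wording that an INSIST failure means named exits. Consider saying so in plain terms, and naming the affected platforms or memcpy implementations if they are known, so readers can decide whether the fix is urgent for their NSEC3 signed zones.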
3658. [port] linux: Address platform specific compilation issue
when libcap-devel is installed. [RT #34838]
-3656. [bug] Treat an all zero netmask as invalid when generating
- the localnets acl. [RT #34687]
+3656. [security] Treat an all zero netmask as invalid when generating
+ the localnets acl. (The prior behavior could
+ allow unexpected matches when using some versions
+ of Winsock: CVE-2013-6320.) [RT #34687]
3655. [cleanup] Simplify TCP message processing when requesting a
zone transfer. [RT #34825]
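Review bot: The CVE reference in entry 3656 is formatted differently from the one in 3693. Here it sits at the end of a full parenthetical sentence after a colon ("... of Winsock: CVE-2013-6320.)"), while 3693 uses a bare "(CVE-2014-0591)". Suggest keeping the Winsock explanation as an ordinary sentence and ending with "(CVE-2013-6320)" so both security entries read the same way. Since the tag changes from [bug] to [security] on an entry that already existed, it would also help to state that the unexpected matches are against the localnets acl on Windows builds, which the current wording leaves the reader to infer from "Winsock".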
BIND 9.6-ESV-R11 (Extended Support Version)
BIND 9.6-ESV-R11 is a maintenance release, fixing bugs in
- BIND 9.6-ESV-R10, and also includes the following functional
- enhancement:
+ BIND 9.6-ESV-R10, and patches the security flaws described
+ in CVE-2013-6320 and CVE-2014-0591. It also includes the
+ following functional enhancement:
- "named" now preserves the capitalization of names when
responding to queries.
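Review bot: The new README sentence names CVE-2013-6320 and CVE-2014-0591 but gives no hint of which deployments are exposed, so a reader who sees only the README cannot triage. Suggest adding a short clause for each, taken from the CHANGES text (NSEC3 signed zones for CVE-2014-0591; the localnets acl with some versions of Winsock for CVE-2013-6320), or a pointer to CHANGES entries 3693 and 3656.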