From: Michał Kępień <michal@isc.org>
Date: Thu, 8 May 2025 20:45:48 +0000 (+0200)
Subject: [CVE-2025-40775] sec: usr: Prevent assertion when processing TSIG algorithm
X-Git-Tag: v9.21.8~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1665e05438a97061e9e9266acf755d48e3604bbf;p=thirdparty%2Fbind9.git

[CVE-2025-40775] sec: usr: Prevent assertion when processing TSIG algorithm

DNS messages that included a Transaction Signature (TSIG) containing an
invalid value in the algorithm field caused :iscman:`named` to crash
with an assertion failure. This has been fixed.  :cve:`2025-40775`

See isc-projects/bind9#5300

Merge branch '5300-confidential-tsig-unknown-alg' into 'v9.21.8-release'

See merge request isc-private/bind9!793
---

1665e05438a97061e9e9266acf755d48e3604bbf