From: Nicki Křížek Date: Thu, 8 Jan 2026 15:42:08 +0000 (+0100) Subject: Generate changelog for BIND 9.18.44 X-Git-Tag: v9.18.44~1^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=56c4fdb7ff0d6523df903ea1d989205aaeba52ce;p=thirdparty%2Fbind9.git Generate changelog for BIND 9.18.44 --- diff --git a/doc/arm/changelog.rst b/doc/arm/changelog.rst index ad7a7c128a0..5925f8ce4f5 100644 --- a/doc/arm/changelog.rst +++ b/doc/arm/changelog.rst @@ -18,6 +18,7 @@ Changelog development. Regular users should refer to :ref:`Release Notes ` for changes relevant to them. +.. include:: ../changelog/changelog-9.18.44.rst .. include:: ../changelog/changelog-9.18.43.rst .. include:: ../changelog/changelog-9.18.42.rst .. include:: ../changelog/changelog-9.18.41.rst diff --git a/doc/changelog/changelog-9.18.44.rst b/doc/changelog/changelog-9.18.44.rst new file mode 100644 index 00000000000..4118fa38582 --- /dev/null +++ b/doc/changelog/changelog-9.18.44.rst @@ -0,0 +1,53 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +BIND 9.18.44 +------------ + +Security Fixes +~~~~~~~~~~~~~~ + +- [CVE-2025-13878] Fix incorrect length checks for BRID and HHIT + records. ``d556bde123`` + + Malformed BRID and HHIT records could trigger an assertion failure. + This has been fixed. + + ISC would like to thank Vlatko Kosturjak from Marlink Cyber for + bringing this vulnerability to our attention. :gl:`#5616` + +Feature Changes +~~~~~~~~~~~~~~~ + +- Support compilation with cmocka 2.0.0+ ``184df12da4`` + + The `assert_in_range()` function was deprecated in favor of + `assert_int_in_range()` and `assert_uint_in_range()`. Add + compatibility shims for cmocka<2.0.0 and use the new functions. + :gl:`#5699` :gl:`!11438` + +Bug Fixes +~~~~~~~~~ + +- Allow glue in delegations with QTYPE=ANY. ``21ad0222b7`` + + When a query for type ANY triggered a delegation response, all + additional data was omitted from the response, including mandatory + glue. This has been corrected. :gl:`#5659` :gl:`!11368` + +- Reconfigure NSEC3 opt-out zone to NSEC causes zone to be invalid. + ``53cfe984e3`` + + A zone that is signed with NSEC3, opt-out enabled, and then + reconfigured to use NSEC, causes the zone to be published with missing + NSEC records. This has been fixed. :gl:`#5679` :gl:`!11402` + +