]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
Add Release Note for [GL #2950]
authorPetr Špaček <pspacek@isc.org>
Fri, 25 Feb 2022 14:14:23 +0000 (15:14 +0100)
committerMichał Kępień <michal@isc.org>
Wed, 16 Mar 2022 21:11:49 +0000 (22:11 +0100)
doc/notes/notes-current.rst

index a66b6eb57df01781f1381e9fd2e5d5a277130d69..0b45bfb281adfedeaaf860276bbdf540b47e7d43 100644 (file)
@@ -15,7 +15,14 @@ Notes for BIND 9.17.23
 Security Fixes
 ~~~~~~~~~~~~~~
 
-- None.
+- The rules for acceptance of records into the cache have been tightened
+  to prevent the possibility of poisoning if forwarders send records
+  outside the configured bailiwick. (CVE-2021-25220)
+
+  ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from
+  Network and Information Security Lab, Tsinghua University, and
+  Changgen Zou from Qi An Xin Group Corp. for bringing this
+  vulnerability to our attention. :gl:`#2950`
 
 Known Issues
 ~~~~~~~~~~~~