From: Evan Hunt Date: Tue, 16 Aug 2022 23:26:02 +0000 (-0700) Subject: CHANGES and release notes for CVE-2022-2881 [GL #3493] X-Git-Tag: v9.19.5~6^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=430ee6c4271e68a2bbb8163ed0e1d2e37fbe3d5d;p=thirdparty%2Fbind9.git CHANGES and release notes for CVE-2022-2881 [GL #3493] --- diff --git a/CHANGES b/CHANGES index a533cbe04f7..7567fdca1eb 100644 --- a/CHANGES +++ b/CHANGES @@ -6,7 +6,12 @@ 5959. [placeholder] -5958. [placeholder] +5958. [security] When an HTTP connection was reused to get + statistics from the stats channel, and zlib + compression was in use, each successive + response sent larger and larger blocks of memory, + potentially reading past the end of the allocated + buffer. (CVE-2022-2881) [GL #3493] 5957. [security] Prevent excessive resource use while processing large delegations. (CVE-2022-2795) [GL #3394] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 3411d2448dd..b6663798cbe 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -24,6 +24,11 @@ Security Fixes Bremler-Barr & Shani Stajnrod from Reichman University for bringing this vulnerability to our attention. :gl:`#3394` +- When an HTTP connection was reused to request statistics from the + stats channel, the content length of successive responses could grow + in size past the end of the allocated buffer. This has been fixed. + (CVE-2022-2881) :gl:`#3493` + Known Issues ~~~~~~~~~~~~