From: Petr Špaček Date: Fri, 25 Feb 2022 14:14:23 +0000 (+0100) Subject: Add Release Note for [GL #2950] X-Git-Tag: v9.19.0~62^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=51546e88920829d9da74bff378eb88ac897f807e;p=thirdparty%2Fbind9.git Add Release Note for [GL #2950] --- diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index a66b6eb57df..0b45bfb281a 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -15,7 +15,14 @@ Notes for BIND 9.17.23 Security Fixes ~~~~~~~~~~~~~~ -- None. +- The rules for acceptance of records into the cache have been tightened + to prevent the possibility of poisoning if forwarders send records + outside the configured bailiwick. (CVE-2021-25220) + + ISC would like to thank Xiang Li, Baojun Liu, and Chaoyi Lu from + Network and Information Security Lab, Tsinghua University, and + Changgen Zou from Qi An Xin Group Corp. for bringing this + vulnerability to our attention. :gl:`#2950` Known Issues ~~~~~~~~~~~~