From: Ondřej Surý <ondrej@isc.org>
Date: Fri, 1 May 2026 06:07:20 +0000 (+0200)
Subject: [CVE-2026-5947] sec: usr: Fix crash in resolver when SIG(0)-signed responses are... 
X-Git-Tag: v9.21.22~8
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9831f41894b328b3a5b25a0e3facd28f7b59d30d;p=thirdparty%2Fbind9.git

[CVE-2026-5947] sec: usr: Fix crash in resolver when SIG(0)-signed responses are received under load

A resolver could crash when handling a SIG(0)-signed response if the
matching client query was cancelled while signature verification was
still in progress — for example, when the recursive-clients quota
was exhausted. This has been fixed.

Closes isc-projects/bind9#5819

Merge branch '5819-fix-heap-use-after-free-in-resquery_response_continue' into 'security-main'

See merge request isc-private/bind9!964
---

9831f41894b328b3a5b25a0e3facd28f7b59d30d