]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8fdc1f9) | patch
Reproducer for CVE-2026-1519
authorNicki Křížek <nicki@isc.org>
Tue, 3 Feb 2026 17:25:04 +0000 (18:25 +0100)
committerMichał Kępień <michal@isc.org>
Fri, 13 Mar 2026 12:06:38 +0000 (13:06 +0100)
commit05c51d3a5aedf7cb56407c5df02f7ab6deaf5755
treea9c66437aab3cc8269ad1219ee391871a334961ftree | snapshot
parent8fdc1f946d47f183021d3760255d49d3d8805887commit | diff
Reproducer for CVE-2026-1519

When a validating resolver processes a delegation from a DNSSEC-signed
zone which uses too many NSEC3 iterations, it should cease the attempt
to validate due to an NSEC3 iteration limit being exceeded and fall back
to insecure.

(cherry picked from commit 9bc14a89f1313aa38330e84674ac3b7691db3383)
bin/tests/system/nsec3-delegation/ns1/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns1/root.db [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns2/iter-too-many.db.j2.manual [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns2/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns2/sub.iter-too-many.db [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns3/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/nsec3-delegation/ns3/trusted.conf.j2 [new symlink] blob
bin/tests/system/nsec3-delegation/tests_excessive_nsec3_iterations.py [new file with mode: 0644] blob
Mirror of https://gitlab.isc.org/isc-projects/bind9.git