]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 1ec1535 a1e9b88)
[CVE-2025-40775] sec: usr: Prevent assertion when processing TSIG algorithm
authorMichał Kępień <michal@isc.org>
Thu, 8 May 2025 20:45:48 +0000 (22:45 +0200)
committerMichał Kępień <michal@isc.org>
Thu, 8 May 2025 20:45:48 +0000 (22:45 +0200)
commit1665e05438a97061e9e9266acf755d48e3604bbf
treed59f6a0a891c2e26a7d74fefc9e5971af0f083e6tree | snapshot
parent1ec1535827885bace832af595012bc736a7ef928commit | diff
parenta1e9b885d2cf3d136f738674f1d7f4a270a7ec19commit | diff
[CVE-2025-40775] sec: usr: Prevent assertion when processing TSIG algorithm

DNS messages that included a Transaction Signature (TSIG) containing an
invalid value in the algorithm field caused :iscman:`named` to crash
with an assertion failure. This has been fixed.  :cve:`2025-40775`

See isc-projects/bind9#5300

Merge branch '5300-confidential-tsig-unknown-alg' into 'v9.21.8-release'

See merge request isc-private/bind9!793
Mirror of https://gitlab.isc.org/isc-projects/bind9.git