]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: ef714e9 eaa587c)
[9.20.17] fix: usr: Adding NSEC3 opt-out records could leave invalid records in chain
authorAndoni Duarte <andoni@isc.org>
Tue, 9 Dec 2025 12:17:20 +0000 (12:17 +0000)
committerAndoni Duarte <andoni@isc.org>
Tue, 9 Dec 2025 12:17:20 +0000 (12:17 +0000)
commit1d83a8ad468dad546fd03cd602d9739718963dcd
tree725d20d7bd356ccb471b4f757e3d8f65032cb179tree | snapshot
parentef714e91acf7d5333f77e95476cbe99886cc8a0dcommit | diff
parenteaa587ca309d38e5c65019ad02301a78398fe8b4commit | diff
[9.20.17] fix: usr: Adding NSEC3 opt-out records could leave invalid records in chain

When creating an NSEC3 opt-out chain, a node in the chain could be removed too soon, causing the previous NSEC3 being unable to be found, resulting in invalid NSEC3 records to be left in the zone. This has been fixed.

Closes [#5671](https://gitlab.isc.org/isc-projects/bind9/-/issues/5671)

Backport of MR [!11340](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/11340)

Merge branch 'backport-5671-fix-dbiterator-prev-9.20.17' into 'v9.20.17-release'

See merge request isc-private/bind9!892
Mirror of https://gitlab.isc.org/isc-projects/bind9.git