git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Michał Kępień <michal@isc.org>
	Fri, 13 Mar 2026 14:45:01 +0000 (15:45 +0100)
committer	Michał Kępień <michal@isc.org>
	Fri, 13 Mar 2026 14:45:01 +0000 (15:45 +0100)
commit	aaaae0fd97e6bab8be0747d3261bf607d961b78b
tree	22d8519877055525e7b667be6524acbb3661a95a	tree \| snapshot
parent	308baa89105018c37b6998a9216e0bed2c0de8c2	commit \| diff
parent	4a2048ea7f98b7ad9528463a045abc9d224a0f43	commit \| diff

[9.20] [CVE-2026-3591] sec: usr: Fix a stack use-after-return flaw in SIG(0) handling code

A stack use-after-return flaw in SIG(0) handling code could enable ACL
bypass and/or assertion failures in certain circumstances. This flaw has
been fixed.

ISC would like to thank Mcsky23 for bringing this vulnerability to our
attention.

Closes isc-projects/bind9#5754

Backport of !920

Merge branch '5754-stack-use-after-free-sig0-9.20' into 'v9.20.21-release'

See merge request isc-private/bind9!931

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom