git.ipfire.org Git - thirdparty/bind9.git/commitdiff
Merge tag 'v9_18_7' into v9_18
author Michał Kępień <michal@isc.org>
Wed, 21 Sep 2022 11:13:30 +0000 (13:13 +0200)
committer Michał Kępień <michal@isc.org>
Wed, 21 Sep 2022 11:13:30 +0000 (13:13 +0200)
BIND 9.18.7

CHANGES
doc/arm/notes.rst
lib/isc/httpd.c
lib/ns/query.c

diff --cc CHANGES
index 0f11d56a8a166ed3dddaa5bdc5005b88c97f2742,cccb6c3f61cf0c56524d9537e244d0ec496e51bb..2e70fec702d3f4e998e712c2ffa4a5a74b144729
+++ b/CHANGES
@@@ -1,19 -1,28 +1,44 @@@
 +5973. [bug]           Fixed a possible invalid detach in UPDATE
 +                      processing. [GL #3522]
 +
 +5972. [bug]           Gracefully handle when the statschannel HTTP connection
 +                      gets cancelled during sending data back to the client.
 +                      [GL #3542]
 +
 +5970. [func]          Log the reason why a query was refused. [GL !6669]
 +
 +5967. [cleanup]       Flagged the "random-device" option (which was
 +                      already nonoperational) as obsolete; configuring it
 +                      will generate a warning.  [GL #3399]
 +
 +5963. [bug]           Ensure struct named_server is properly initialized.
 +                      [GL #6531]
 +
+       --- 9.18.7 released ---
+ 5962. [security]      Fix memory leak in EdDSA verify processing.
+                       (CVE-2022-38178) [GL #3487]
+ 5960. [security]      Fix serve-stale crash that could happen when
+                       stale-answer-client-timeout was set to 0 and there was
+                       a stale CNAME in the cache for an incoming query.
+                       (CVE-2022-3080) [GL #3517]
+ 5959. [security]      Fix memory leaks in the DH code when using OpenSSL 3.0.0
+                       and later versions. The openssldh_compare(),
+                       openssldh_paramcompare(), and openssldh_todns()
+                       functions were affected. (CVE-2022-2906) [GL #3491]
+ 5958. [security]      When an HTTP connection was reused to get
+                       statistics from the stats channel, and zlib
+                       compression was in use, each successive
+                       response sent larger and larger blocks of memory,
+                       potentially reading past the end of the allocated
+                       buffer. (CVE-2022-2881) [GL #3493]
+ 5957. [security]      Prevent excessive resource use while processing large
+                       delegations. (CVE-2022-2795) [GL #3394]
  5956. [func]          Make RRL code treat all QNAMEs that are subject to
                        wildcard processing within a given zone as the same
                        name. [GL #3459]
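Review bot: In entry 5963 the reference `[GL #6531]` looks like it carries the wrong prefix. Every other `#` reference in this hunk is in the 3000s (`#3522`, `#3542`, `#3399`, `#3487`, `#3517`), while the only merge request reference, `[GL !6669]` on entry 5970, is in the same range as 6531. Please confirm whether this should read `[GL !6531]` and fix it on v9_18 if so, since a wrong prefix sends readers to an unrelated or nonexistent issue. The placement of the merged block is otherwise as expected: the unreleased entries 5963 to 5973 stay above the `--- 9.18.7 released ---` marker and the five `[security]` entries sit below it.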
index 3485631ec6b7fd88caf36ec3a3072d433ecda4a9,ade9a081e7cde4e4304c280aa5f211dbcb2ac0df..cfdb7d710d47c8208e0d637aae448ad296859e24
@@@ -33,7 -33,7 +33,8 @@@ The latest versions of BIND 9 software 
  https://www.isc.org/download/. There you will find additional
  information about each release, and source code.
  
 +.. include:: ../notes/notes-current.rst
+ .. include:: ../notes/notes-9.18.7.rst
  .. include:: ../notes/notes-9.18.6.rst
  .. include:: ../notes/notes-9.18.5.rst
  .. include:: ../notes/notes-9.18.4.rst
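Review bot: With `.. include:: ../notes/notes-current.rst` kept directly above the newly added `.. include:: ../notes/notes-9.18.7.rst`, please check that notes-current.rst on v9_18 contains only items that are unreleased after this merge. Anything present in both files would be rendered twice in the release notes, and a security fix listed under the current notes as well as under 9.18.7 would give readers the wrong impression of which release first shipped it. The include order itself (current, then 9.18.7, then 9.18.6 and older) is consistent with the existing list.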
diff --cc lib/isc/httpd.c
Simple merge
diff --cc lib/ns/query.c
Simple merge