[RT #45181]
</p>
</li>
+<li class="listitem">
+ <p>
+ Addresses could be referenced after being freed during resolver
+ processing, causing an assertion failure. The chances of this
+ happening were remote, but the introduction of a delay in
+ resolution increased them. This bug is disclosed in
+ CVE-2017-3145. [RT #46839]
+ </p>
+ </li>
</ul></div>
</div>
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
+ <p>
+ Attempting to validate improperly unsigned CNAME responses
+ from secure zones could cause a validator loop. This caused
+ a delay in returning SERVFAIL and also increased the chances
+ of encountering the crash bug described in CVE-2017-3145.
+ [RT #46839]
+ </p>
+ </li>
<li class="listitem">
<p>
When <span class="command"><strong>named</strong></span> was reconfigured, failure of some
[RT #45181]
</p>
</li>
+<li class="listitem">
+ <p>
+ Addresses could be referenced after being freed during resolver
+ processing, causing an assertion failure. The chances of this
+ happening were remote, but the introduction of a delay in
+ resolution increased them. This bug is disclosed in
+ CVE-2017-3145. [RT #46839]
+ </p>
+ </li>
</ul></div>
</div>
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
+ <p>
+ Attempting to validate improperly unsigned CNAME responses
+ from secure zones could cause a validator loop. This caused
+ a delay in returning SERVFAIL and also increased the chances
+ of encountering the crash bug described in CVE-2017-3145.
+ [RT #46839]
+ </p>
+ </li>
<li class="listitem">
<p>
When <span class="command"><strong>named</strong></span> was reconfigured, failure of some
projects / thirdparty / bind9.git / commitdiff
