A recursive resolver could accept and cache an RRSIG record whose
Type-Covered field names a meta-type (ANY, AXFR, IXFR, MAILA, MAILB),
even though no real RRset of those types ever exists. Such records
are now rejected by the DNS message parser.
Closes #6002
Merge branch '6002-reject-rrsig-covering-meta-types' into 'main'
projects / thirdparty / bind9.git / commitdiff
