]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
regen master
authorTinderbox User <tbox@isc.org>
Fri, 5 Jan 2018 01:08:34 +0000 (01:08 +0000)
committerTinderbox User <tbox@isc.org>
Fri, 5 Jan 2018 01:08:34 +0000 (01:08 +0000)
doc/arm/Bv9ARM.ch09.html
doc/arm/notes.html

index 14a088bd2bfb978c91b00321c3d2ddbed66aab3e..d5409fe277ff03a520bd169103b4fad5fd276404 100644 (file)
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
     <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
        <p>
-         None.
+         Addresses could be referenced after being freed during resolver
+         processing, causing an assertion failure. The chances of this
+         happening were remote, but the introduction of a delay in
+         resolution increased them. This bug is disclosed in
+         CVE-2017-3145. [RT #46839]
        </p>
       </li></ul></div>
   </div>
 <a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
     <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
        <p>
-         None.
+         Attempting to validate improperly unsigned CNAME responses
+         from secure zones could cause a validator loop. This caused
+         a delay in returning SERVFAIL and also increased the chances
+         of encountering the crash bug described in CVE-2017-3145.
+         [RT #46839]
        </p>
       </li></ul></div>
   </div>
index 421bed2dd1fc60fb55de8a144c403c91998722a2..997afd4a50a86026fb08c23ae339aad75c35ca33 100644 (file)
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
     <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
        <p>
-         None.
+         Addresses could be referenced after being freed during resolver
+         processing, causing an assertion failure. The chances of this
+         happening were remote, but the introduction of a delay in
+         resolution increased them. This bug is disclosed in
+         CVE-2017-3145. [RT #46839]
        </p>
       </li></ul></div>
   </div>
 <a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
     <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
        <p>
-         None.
+         Attempting to validate improperly unsigned CNAME responses
+         from secure zones could cause a validator loop. This caused
+         a delay in returning SERVFAIL and also increased the chances
+         of encountering the crash bug described in CVE-2017-3145.
+         [RT #46839]
        </p>
       </li></ul></div>
   </div>