]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
add CVE-2015-5477
authorMark Andrews <marka@isc.org>
Tue, 14 Jul 2015 21:51:06 +0000 (07:51 +1000)
committerMark Andrews <marka@isc.org>
Tue, 14 Jul 2015 21:51:06 +0000 (07:51 +1000)
README
doc/arm/notes.xml

diff --git a/README b/README
index 153a4531a80402feaa43d09deed6e3ac87442b62..781bb2d468de013c39875d588ea7f982da75aecf 100644 (file)
--- a/README
+++ b/README
@@ -103,8 +103,8 @@ BIND 9.11.0
          to be added.  This can be disabled with "check-names no".
 
        This release addresses the security flaws described in
-       CVE-2014-3214, CVE-2014-3859, CVE-2014-8500, CVE-2014-8680 and
-       CVE-2015-1349.
+       CVE-2014-3214, CVE-2014-3859, CVE-2014-8500, CVE-2014-8680,
+       CVE-2015-1349 and CVE-2015-5477.
 
 BIND 9.10.0
 
index 1270c61a549b5ad0a55e1b5a9a13e2c2911ecfe5..28041198189468ce25fee8498aca88b48d3806bc 100644 (file)
   <sect2 id="relnotes_security">
     <title>Security Fixes</title>
     <itemizedlist>
+      <listitem>
+       <para>
+         A specially crafted query could trigger an assertion failure
+         in message.c.
+       </para>
+       <para>
+         This flaw was discovered by Jonathan Foote, and is disclosed
+         in CVE-2015-5477. [RT #39795]
+       </para>
+      </listitem>
       <listitem>
        <para>
          On servers configured to perform DNSSEC validation, an
          assertion failure could be triggered on answers from
          a specially configured server.
        </para>
-        <para>
+       <para>
          This flaw was discovered by Breno Silveira Soares, and is
          disclosed in CVE-2015-4620. [RT #39795]
-        </para>
+       </para>
       </listitem> 
       <listitem>
        <para>
          vehicle for such an attack.
        </para>
        <itemizedlist>
-          <listitem>
+         <listitem>
            <para>
              <option>fetches-per-server</option> limits the number of
              simultaneous queries that can be sent to any single
              <option>fetch-quota-params</option> option.
            </para>
          </listitem>
-          <listitem>
+         <listitem>
            <para>
              <option>fetches-per-zone</option> limits the number of
              simultaneous queries that can be sent for names within a
                  >http://localhost:8888/xml/v3/traffic</ulink>
          or
          <ulink url="http://localhost:8888/json/v1/traffic"
-                 >http://localhost:8888/json/v1/traffic</ulink>.
+                 >http://localhost:8888/json/v1/traffic</ulink>.
        </para>
       </listitem>
       <listitem>
        </para>
       </listitem>
       <listitem>
-        <para>
+       <para>
          Built-in "empty" zones did not correctly inherit the
          "allow-transfer" ACL from the options or view. [RT #38310]
-        </para>
+       </para>
       </listitem>
       <listitem>
        <para>
          Several bugs have been fixed in the RPZ implementation:
        </para>
        <itemizedlist>
-          <listitem>
+         <listitem>
            <para>
              Policy zones that did not specifically require recursion
              could be treated as if they did; consequently, setting