[v9_9] avoid crash due to managed-key rollover
authorEvan Hunt <each@isc.org>
Wed, 4 Feb 2015 02:26:14 +0000 (18:26 -0800)
committerEvan Hunt <each@isc.org>
Wed, 4 Feb 2015 02:26:14 +0000 (18:26 -0800)
4053. [security] Revoking a managed trust anchor and supplying
an untrusted replacement could cause named
to crash with an assertion failure.
(CVE-2015-1349) [RT #38344]

CHANGES
doc/arm/notes.xml
lib/dns/zone.c

diff --git a/CHANGES b/CHANGES
index 0ecea87b6a83d12576c4dedd9fc457c77987ab00..0c9f394e448b740ecb0cda15d463be8631127ba4 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+4053.  [security]      Revoking a managed trust anchor and supplying
+                       an untrusted replacement could cause named
+                       to crash with an assertion failure.
+                       (CVE-2015-1349) [RT #38344]
+
 4052.  [bug]           Fix a leak of query fetchlock. [RT #38454]
 
 4049.  [bug]           CDS and CDNSKEY had the wrong attributes. [RT #38491]
index 8dde8958aa28043018436a1d566c708383d6c231..fd844907f69dad4010435b8a3161782e0e09312e 100644 (file)
   <sect2 id="relnotes_security">
     <title>Security Fixes</title>
     <itemizedlist>
+      <listitem>
+       <para>
+         On servers configured to perform DNSSEC validation using
+         managed trust anchors (i.e., keys configured explicitly
+         via <command>managed-keys</command>, or implicitly 
+         via <command>dnssec-validation auto;</command> or
+         <command>dnssec-lookaside auto;</command>), revoking
+         a trust anchor and sending a new untrusted replacement
+         could cause <command>named</command> to crash with an
+         assertion failure. This could occur in the event of a
+         botched key rollover, or potentially as a result of a
+         deliberate attack if the attacker was in position to
+         monitor the victim's DNS traffic.
+       </para>
+       <para>
+         This flaw was discovered by Jan-Piet Mens, and is
+         disclosed in CVE-2015-1349. [RT #38344]
+       </para>
+      </listitem>
       <listitem>
        <para>
          A flaw in delegation handling could be exploited to put
index 1b99c6bc0f9e410dcbb3dc6360182a9e0871d759..edefe8bcb00e3e18f8dd31ca6c219062778215ff 100644 (file)
@@ -8534,6 +8534,12 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) {
                                             namebuf, tag);
                                trustkey = ISC_TRUE;
                        }
+               } else {
+                       /*
+                        * No previously known key, and the key is not
+                        * secure, so skip it.
+                        */
+                       continue;
                }
 
                /* Delete old version */
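Review bot: The new `else` branch drops an unvalidated, previously unknown key without logging anything, so an operator has no trace of a botched rollover or of someone supplying an unsigned replacement key. The branch just above already logs with `namebuf, tag`, so a matching line here would make the condition visible to monitoring, e.g. `dns_zone_log(zone, ISC_LOG_INFO, "skipping unvalidated new key %d for '%s'", tag, namebuf);`. The loop in keyfetch_done starts and ends outside this hunk, so whether `namebuf` and `tag` are already populated on this path needs checking before they are reused.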
@@ -8582,7 +8588,7 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) {
                        trust_key(zone, keyname, &dnskey, mctx);
                }
 
-               if (!deletekey) {
+               if (secure && !deletekey) {
                        INSIST(newkey || updatekey);
                        set_refreshkeytimer(zone, &keydata, now);
                }
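Review bot: The `INSIST(newkey || updatekey)` kept inside the guarded block still aborts the whole process if both flags are ever false, and their values come from a DNSKEY set received over the network. The commit message describes the bug as an assertion failure, presumably this one, so I would handle the state as a recoverable condition, e.g. `if (!newkey && !updatekey) continue;` plus a log line, instead of relying on every path into the block having been enumerated. keyfetch_done continues beyond the hunk, so whether `continue` or the function's failure path is the right exit has to be confirmed against the rest of the loop. The file list shows only CHANGES, the release notes and zone.c, so a system test for a revoked anchor followed by an unsigned replacement would be worth adding to catch a regression.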