<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem"><p>
+ If a server is configured with a response policy zone (RPZ)
+ that rewrites an answer with local data, and is also configured
+ for DNS64 address mapping, a NULL pointer can be read
+ triggering a server crash. This flaw is disclosed in
+ CVE-2017-3135. [RT #44434]
+ </p></li>
<li class="listitem"><p>
A coding error in the <code class="option">nxdomain-redirect</code>
feature could lead to an assertion failure if the redirection
lookup. This flaw is disclosed in CVE-2016-9778. [RT #43837]
</p></li>
<li class="listitem"><p>
- Named could mishandle authority sections that were missing
- RRSIGs triggering an assertion failure. This flaw is
- disclosed in CVE-2016-9444. [RT # 43632]
+ <span class="command"><strong>named</strong></span> could mishandle authority sections
+ with missing RRSIGs, triggering an assertion failure. This
+ flaw is disclosed in CVE-2016-9444. [RT #43632]
</p></li>
<li class="listitem"><p>
- Named mishandled some responses where covering RRSIG
- records are returned without the requested data
- resulting in a assertion failure. This flaw is disclosed in
- CVE-2016-9147. [RT #43548]
+ <span class="command"><strong>named</strong></span> mishandled some responses where
+ covering RRSIG records were returned without the requested
+ data, resulting in an assertion failure. This flaw is
+ disclosed in CVE-2016-9147. [RT #43548]
</p></li>
<li class="listitem"><p>
- Named incorrectly tried to cache TKEY records which could
- trigger a assertion failure when there was a class mismatch.
- This flaw is disclosed in CVE-2016-9131. [RT #43522]
+ <span class="command"><strong>named</strong></span> incorrectly tried to cache TKEY
+ records which could trigger an assertion failure when there was
+ a class mismatch. This flaw is disclosed in CVE-2016-9131.
+ [RT #43522]
</p></li>
<li class="listitem"><p>
It was possible to trigger assertions when processing
- a response. This flaw is disclosed in CVE-2016-8864. [RT #43465]
+ responses containing answers of type DNAME. This flaw is
+ disclosed in CVE-2016-8864. [RT #43465]
</p></li>
</ul></div>
</div>
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>
- None.
+ A synthesized CNAME record appearing in a response before the
+ associated DNAME could be cached, when it should not have been.
+ This was a regression introduced while addressing CVE-2016-8864.
+ [RT #44318]
</p></li></ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem"><p>
+ If a server is configured with a response policy zone (RPZ)
+ that rewrites an answer with local data, and is also configured
+ for DNS64 address mapping, a NULL pointer can be read
+ triggering a server crash. This flaw is disclosed in
+ CVE-2017-3135. [RT #44434]
+ </p></li>
<li class="listitem"><p>
A coding error in the <code class="option">nxdomain-redirect</code>
feature could lead to an assertion failure if the redirection
lookup. This flaw is disclosed in CVE-2016-9778. [RT #43837]
</p></li>
<li class="listitem"><p>
- Named could mishandle authority sections that were missing
- RRSIGs triggering an assertion failure. This flaw is
- disclosed in CVE-2016-9444. [RT # 43632]
+ <span class="command"><strong>named</strong></span> could mishandle authority sections
+ with missing RRSIGs, triggering an assertion failure. This
+ flaw is disclosed in CVE-2016-9444. [RT #43632]
</p></li>
<li class="listitem"><p>
- Named mishandled some responses where covering RRSIG
- records are returned without the requested data
- resulting in a assertion failure. This flaw is disclosed in
- CVE-2016-9147. [RT #43548]
+ <span class="command"><strong>named</strong></span> mishandled some responses where
+ covering RRSIG records were returned without the requested
+ data, resulting in an assertion failure. This flaw is
+ disclosed in CVE-2016-9147. [RT #43548]
</p></li>
<li class="listitem"><p>
- Named incorrectly tried to cache TKEY records which could
- trigger a assertion failure when there was a class mismatch.
- This flaw is disclosed in CVE-2016-9131. [RT #43522]
+ <span class="command"><strong>named</strong></span> incorrectly tried to cache TKEY
+ records which could trigger an assertion failure when there was
+ a class mismatch. This flaw is disclosed in CVE-2016-9131.
+ [RT #43522]
</p></li>
<li class="listitem"><p>
It was possible to trigger assertions when processing
- a response. This flaw is disclosed in CVE-2016-8864. [RT #43465]
+ responses containing answers of type DNAME. This flaw is
+ disclosed in CVE-2016-8864. [RT #43465]
</p></li>
</ul></div>
</div>
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>
- None.
+ A synthesized CNAME record appearing in a response before the
+ associated DNAME could be cached, when it should not have been.
+ This was a regression introduced while addressing CVE-2016-8864.
+ [RT #44318]
</p></li></ul></div>
</div>
<div class="section">
projects / thirdparty / bind9.git / commitdiff
