<em class="replaceable"><code>identity</code></em> field.
The <em class="replaceable"><code>name</code></em> field
is ignored, but should be the same as the
- <em class="replaceable"><code>identity</code></em> field.
+ <em class="replaceable"><code>identity</code></em> field or
+ "."
The <code class="varname">self</code> nametype is
most useful when allowing using one key per
name to update, where the key has the same
and converts it machine.realm allowing the machine
to update machine.realm. The REALM to be matched
is specified in the <em class="replaceable"><code>identity</code></em>
- field.
+ field. The name field should be set to "."
</p>
</td>
</tr>
and converts it machine.realm allowing the machine
to update machine.realm. The REALM to be matched
is specified in the <em class="replaceable"><code>identity</code></em>
- field.
+ field. The name field should be set to "."
</p>
</td>
</tr>
converts it to machine.realm allowing the machine
to update subdomains of machine.realm. The REALM
to be matched is specified in the
- <em class="replaceable"><code>identity</code></em> field.
+ <em class="replaceable"><code>identity</code></em> field. The
+ name field should be set to "."
</p>
</td>
</tr>
Allow updates that have been sent via TCP and
for which the standard mapping from the initiating
IP address into the IN-ADDR.ARPA and IP6.ARPA
- namespaces match the name to be updated.
+ namespaces match the name to be updated. The
+ name field should be set to "."
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
- <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
+ <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
<p>
Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
resolution increased them. This bug is disclosed in
CVE-2017-3145. [RT #46839]
</p>
- </li></ul></div>
+ </li>
+<li class="listitem">
+ <p>
+ update-policy rules that otherwise ignore the name field now
+ require that it be set to "." to ensure that any type list
+ present is properly interpreted. If the name field was omitted
+ from the rule declaration and a type list was present it wouldn't
+ be interpreted as expected.
+ </p>
+ </li>
+</ul></div>
</div>
<div class="section">
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
- <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
+ <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
<p>
Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
resolution increased them. This bug is disclosed in
CVE-2017-3145. [RT #46839]
</p>
- </li></ul></div>
+ </li>
+<li class="listitem">
+ <p>
+ update-policy rules that otherwise ignore the name field now
+ require that it be set to "." to ensure that any type list
+ present is properly interpreted. If the name field was omitted
+ from the rule declaration and a type list was present it wouldn't
+ be interpreted as expected.
+ </p>
+ </li>
+</ul></div>
</div>
<div class="section">
projects / thirdparty / bind9.git / commitdiff
