From: Evan Hunt Date: Thu, 24 Mar 2016 19:11:53 +0000 (-0700) Subject: [master] remove pre-9.11.0a1 security fixes from 9.11 release notes X-Git-Tag: v9.11.0a2~108 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=936bfae6d59f4ebae1f9bddb9516233268e58000;p=thirdparty%2Fbind9.git [master] remove pre-9.11.0a1 security fixes from 9.11 release notes --- diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index 33c49929336..390571ca37c 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -45,148 +45,7 @@ - Duplicate EDNS COOKIE options in a response could trigger - an assertion failure. This flaw is disclosed in CVE-2016-2088. - [RT #41809] - - - - - Insufficient testing when parsing a message allowed - records with an incorrect class to be be accepted, - triggering a REQUIRE failure when those records - were subsequently cached. This flaw is disclosed - in CVE-2015-8000. [RT #40987] - - - - - Incorrect reference counting could result in an INSIST - failure if a socket error occurred while performing a - lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945] - - - - - An incorrect boundary check in the OPENPGPKEY rdatatype - could trigger an assertion failure. This flaw is disclosed - in CVE-2015-5986. [RT #40286] - - - - - A buffer accounting error could trigger an assertion failure - when parsing certain malformed DNSSEC keys. - - - This flaw was discovered by Hanno Böck of the Fuzzing - Project, and is disclosed in CVE-2015-5722. [RT #40212] - - - - - A specially crafted query could trigger an assertion failure - in message.c. - - - This flaw was discovered by Jonathan Foote, and is disclosed - in CVE-2015-5477. [RT #40046] - - - - - On servers configured to perform DNSSEC validation, an - assertion failure could be triggered on answers from - a specially configured server. - - - This flaw was discovered by Breno Silveira Soares, and is - disclosed in CVE-2015-4620. [RT #39795] - - - - - On servers configured to perform DNSSEC validation using - managed trust anchors (i.e., keys configured explicitly - via managed-keys, or implicitly - via dnssec-validation auto; or - dnssec-lookaside auto;), revoking - a trust anchor and sending a new untrusted replacement - could cause named to crash with an - assertion failure. This could occur in the event of a - botched key rollover, or potentially as a result of a - deliberate attack if the attacker was in position to - monitor the victim's DNS traffic. - - - This flaw was discovered by Jan-Piet Mens, and is - disclosed in CVE-2015-1349. [RT #38344] - - - - - A flaw in delegation handling could be exploited to put - named into an infinite loop, in which - each lookup of a name server triggered additional lookups - of more name servers. This has been addressed by placing - limits on the number of levels of recursion - named will allow (default 7), and - on the number of queries that it will send before - terminating a recursive query (default 50). - - - The recursion depth limit is configured via the - option, and the query limit - via the option. - - - The flaw was discovered by Florian Maury of ANSSI, and is - disclosed in CVE-2014-8500. [RT #37580] - - - - - Two separate problems were identified in BIND's GeoIP code that - could lead to an assertion failure. One was triggered by use of - both IPv4 and IPv6 address families, the other by referencing - a GeoIP database in named.conf which was - not installed. Both are covered by CVE-2014-8680. [RT #37672] - [RT #37679] - - - A less serious security flaw was also found in GeoIP: changes - to the geoip-directory option in - named.conf were ignored when running - rndc reconfig. In theory, this could allow - named to allow access to unintended clients. - - - - - Specific APL data could trigger an INSIST. This flaw - is disclosed in CVE-2015-8704. [RT #41396] - - - - - Certain errors that could be encountered when printing out - or logging an OPT record containing a CLIENT-SUBNET option - could be mishandled, resulting in an assertion failure. - This flaw is disclosed in CVE-2015-8705. [RT #41397] - - - - - Malformed control messages can trigger assertions in named - and rndc. This flaw is disclosed in CVE-2016-1285. [RT - #41666] - - - - - The resolver could abort with an assertion failure due to - improper DNAME handling when parsing fetch reply - messages. This flaw is disclosed in CVE-2016-1286. [RT #41753] + None.