upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Mention CVE-2023-50868 in CHANGES entry 6322

Browse source 
Since CVE-2023-50868 does not have a dedicated fix in BIND 9, mention
its CVE identifier in the CHANGES entry for CVE-2023-50387 (KeyTrap),
which accompanied the code change that addresses both of these
vulnerabilities.
This commit is contained in:
Michał Kępień 2024-02-14 14:49:49 +01:00
parent 8610799317
commit 2fd20bbaf5
No known key found for this signature in database
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -85,6 +85,10 @@
condition due to DNS validation taking a long time.
(CVE-2023-50387) [GL #4424]
The same code change also addresses another problem:
preparing NSEC3 closest encloser proofs could exhaust
available CPU resources. (CVE-2023-50868) [GL #4459]
6321. [security] Change 6315 inadvertently introduced regressions that
could cause named to crash. [GL #4234]