upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-12 23:09:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

4575. [security] Dns64 with break-dnssec yes; can result in a

Browse source 
assertion failure. (CVE-2017-3136) [RT #44653]

(cherry picked from commit 3bce12e4b6)
This commit is contained in:
Mark Andrews 2017-02-15 12:18:51 +11:00
parent dd6c979eff
commit 764240ca07
2 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -1,3 +1,5 @@
4575. [security] Dns64 with break-dnssec yes; can result in a
assertion failure. (CVE-2017-3136) [RT #44653]
--- 9.10.5rc1 released ---

1
bin/named/query.c
View file

@ -8257,6 +8257,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
result = query_dns64(client, &fname, rdataset,
sigrdataset, dbuf,
DNS_SECTION_ANSWER);
noqname = NULL;
dns_rdataset_disassociate(rdataset);
dns_message_puttemprdataset(client->message, &rdataset);
if (result == ISC_R_NOMORE) {