upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-27 20:25:55 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add CHANGES and release note for [GL #4242]

Browse source
This commit is contained in:
Artem Boldariev 2023-08-07 18:16:29 +03:00 committed by Michal Nowak
parent 18efa454a9
commit 86df0993d7
No known key found for this signature in database
2 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGES
View file

@ -1,3 +1,6 @@
6246. [security] Fix use-after-free error in TLS DNS code when sending
data. (CVE-2023-4236) [GL #4242]
6245. [security] Limit the amount of recursion that can be performed
by isccc_cc_fromwire. (CVE-2023-3341) [GL #4152]

9
doc/notes/notes-current.rst
View file

@ -23,6 +23,15 @@ Security Fixes
ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for
bringing this vulnerability to our attention. :gl:`#4152`
- Previously, it was possible to remotely trigger a use-after-free error
in the DNS-over-TLS transport code, specifically in the code
responsible for sending data to the remote peer. This has been fixed.
(CVE-2023-4236)
ISC would like to thank Robert Story from USC/ISI Root Server
Operations for bringing this vulnerability to our attention.
:gl:`#4242`
New Features
~~~~~~~~~~~~