upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-08 20:02:06 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add CHANGES and release notes for GL #2028

Browse source
This commit is contained in:
Mark Andrews 2020-07-16 09:15:20 +10:00 committed by Michał Kępień
parent 70a71de9c9
commit e576baad9d
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -28,7 +28,9 @@
derived from the client query processing timeout
configured for a resolver. [GL #2024]
5476. [placeholder]
5476. [security] It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request.
(CVE-2020-8622) [GL #2028]
5475. [bug] Fix RPZ wildcard passthru ignored when a rejection
would overwrite a passthru action matching some

7
doc/notes/notes-current.rst
View file

@ -29,6 +29,13 @@ Security Fixes
ISC would like to thank Joseph Gullo for bringing this vulnerability
to our attention. [GL #1997]
- It was possible to trigger an assertion failure when verifying the
response to a TSIG-signed request. This was disclosed in
CVE-2020-8622.
ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham
of Oracle for bringing this vulnerability to our attention. [GL #2028]
Known Issues
~~~~~~~~~~~~