upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
bind9/lib
History
Ondřej Surý 39a4ad2330
Validate DNS message CLASS early in request processing 
Reject requests with unsupported or misused CLASS values before
further processing.  Only IN, CH, HS, RESERVED0 (for DNS Cookies),
ANY (for TKEY negotiation), and NONE (for DNS UPDATE) are accepted;
all other classes return NOTIMP.  Misuse of NONE or ANY outside
their allowed contexts returns FORMERR.

This adds further protection against bugs of the same general class
as YWH-PGM40640-70 and YWH-PGM40640-73.

(cherry picked from commit 0a687451505037e9f9a850c9cb113aed4995b03f)
2026-05-07 13:09:18 +02:00
..
dns Disable UPDATE and NOTIFY for non-IN classes 2026-05-07 13:09:18 +02:00
isc Remove OpenSSL memory tracking support from the tls.c module 2026-05-06 13:57:52 +00:00
isccc Remove redundant parentheses from the return statement 2024-11-19 14:26:52 +01:00
isccfg Disable recursion for non-IN classes 2026-05-07 13:09:18 +02:00
ns Validate DNS message CLASS early in request processing 2026-05-07 13:09:18 +02:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
Makefile.am Move irs_resconf into libdns and remove libirs 2023-02-24 09:38:59 +00:00