mirror of
https://git.busybox.net/buildroot.git
synced 2024-12-11 22:33:29 +08:00
89a5d21627
Fixes the following security issues: - (9.11.18) DNS rebinding protection was ineffective when BIND 9 is configured as a forwarding DNS server. Found and responsibly reported by Tobias Klein. [GL #1574] - (9.11.19) To prevent exhaustion of server resources by a maliciously configured domain, the number of recursive queries that can be triggered by a request before aborting recursion has been further limited. Root and top-level domain servers are no longer exempt from the max-recursion-queries limit. Fetches for missing name server address records are limited to 4 for any domain. This issue was disclosed in CVE-2020-8616. [GL #1388] - (9.11.19) Replaying a TSIG BADTIME response as a request could trigger an assertion failure. This was disclosed in CVE-2020-8617. [GL #1703] Also update the COPYRIGHT hash for a change of copyright year and adjust the spacing for the new agreements. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
---|---|---|
.. | ||
0001-cross.patch | ||
bind.hash | ||
bind.mk | ||
Config.in | ||
named.service | ||
S81named |