upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-26 08:39:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
24134 commits 18 branches 854 tags 440 MiB
Commit graph

113 commits

Author SHA1 Message Date
Mark Andrews
aa1a7e1e58 4424. [experimental] Named now sends _ta-XXXX.<trust-anchor>/NULL queries 
to provide feedback to the trust-anchor administrators
                        about how key rollovers are progressing as per
                        draft-ietf-dnsop-edns-key-tag-02.  This can be
                        disabled using 'trust-anchor-telemetry no;'.
                        [RT #40583]

(cherry picked from commit f20179857a)
 2016-07-22 20:16:59 +10:00
Mark Andrews
9bfd1c3cfb grammar 
(cherry picked from commit 8f7881684b)
 2016-07-14 09:42:58 +10:00
Mark Andrews
7cfdeb95b3 add [RT #42694] 2016-07-13 11:36:33 +10:00
Mark Andrews
f149905e47 whitespace 2016-07-13 11:24:54 +10:00
Mark Andrews
8dbe2bedce add CVE-2016-2775 2016-07-12 01:17:44 +10:00
Mark Andrews
aacf0753e9 add note for rt42694 2016-07-07 13:53:16 +10:00
Evan Hunt
67ea1259df [v9_10] spelling 2016-05-25 18:45:39 -07:00
Evan Hunt
c50901e0aa [v9_10] extend release notes 2016-05-25 18:44:14 -07:00
Evan Hunt
707bcb08a7 [v9_10] log message when using ISC DLV 
4352.	[cleanup]	The ISC DNSSEC Lookaside Validation (DLV) service
			is scheduled to be disabled in 2017.  A warning is
			now logged when named is configured to use it,
			either explicitly or via "dnssec-lookaside auto;"
			[RT #42207]
 2016-05-04 14:38:01 -07:00
Jeremy C. Reed
896b3933d0 [v9_10] some release notes updates 
mention that the document summarizes "significant" changes
since obviously it misses a lot.
Also refer to the CHANGES file.

Added a few bugs. Wording some discussed via email, phone call, and jabber.
 2016-03-30 13:38:20 -04:00
Evan Hunt
72a5d063b7 [v9_10] more release note corrections 2016-03-24 16:41:41 -07:00
Evan Hunt
4290eeb44c [v9_10] fixes for release notes 2016-03-24 14:42:40 -07:00
Mark Andrews
3f119b3df1 note rrsig regeneration 
(cherry picked from commit 98c5690bd9)
 2016-03-11 12:27:55 +11:00
Jeremy C. Reed
d64f7b7dcb add resource record type added, typo fix, new contrib software, and named -V 2016-03-08 09:42:45 -05:00
Mark Andrews
b712215fcb 9.10.4b1 2016-03-08 11:53:41 +11:00
Mark Andrews
96085d274e add AVC 2016-03-04 18:17:57 +11:00
Evan Hunt
db06cd726c [v9_10] recursively clean empty interior nodes when deleting database records 
4324.	[bug]		When deleting records from a zone database, interior
			nodes could be left empty but not deleted, damaging
			search performance afterward. [RT #40997]

(cherry picked from commit 44c86318ed)
 2016-03-03 21:15:21 -08:00
Mark Andrews
ca3d4db1a5 re-order security list into reverse order 2016-02-29 12:44:35 +11:00
Mark Andrews
7cd300abd6 4322. [security] Duplicate EDNS COOKIE options in a response could 
trigger an assertion failure. (CVE-2016-2088)
                        [RT #41809]

(cherry picked from commit 455c0848f8)
 2016-02-27 11:46:16 +11:00
Mukund Sivaraman
456e1eadd2 Fix resolver assertion failure due to improper DNAME handling (CVE-2016-1286) (#41753) 
(cherry picked from commit 5995fec51c)
 2016-02-22 12:24:15 +05:30
Mark Andrews
e7e15d1302 4318. [security] Malformed control messages can trigger assertions 
in named and rndc. (CVE-2016-1285) [RT #41666]

(cherry picked from commit a2b15b3305)
 2016-02-18 12:12:02 +11:00
Evan Hunt
f88b79ab08 [v9_10] remove reporter's name per his request 2016-01-29 10:37:45 -08:00
Evan Hunt
6f39162aaf [v9_10] fix ticket number 2016-01-05 09:08:57 -08:00
Evan Hunt
79e824b2eb [v9_10] fix use after free on xfr timeout 
4289.	[bug]		The server could crash due to memory being used
			after it was freed if a zone transfer timed out.
			[RT #41297]
 2016-01-04 22:06:05 -08:00
Tinderbox User
e11aa3e52c fix tag mismatch 2016-01-05 01:30:22 +00:00
Evan Hunt
0dd38adbe7 [v9_10] Merge branch 'v9_10' of ssh://repo/proj/git/prod/bind9 into v9_10 2016-01-04 16:10:05 -08:00
Evan Hunt
b4cf962eef [v9_10] fixed bogus server regression 
4288.	[bug]		Fixed a regression in resolver.c:possibly_mark()
			which caused known-bogus servers to be queried
			anyway. [RT #41321]
 2016-01-04 16:01:38 -08:00
Evan Hunt
e81fd88813 [v9_10] clean up relnotes to include only things added since 9.10.3 2016-01-04 16:00:33 -08:00
Tinderbox User
add1f7a8d2 update copyright notice / whitespace 2016-01-04 23:45:56 +00:00
Evan Hunt
ae14e490cc [v9_10] clean up notes 2016-01-03 21:22:55 -08:00
Mark Andrews
a9eeaea7d6 4286. [security] render_ecs errors were mishandled when printing out 
a OPT record resulting in a assertion failure.
                        (CVE-2015-8705) [RT #41397]

(cherry picked from commit 3e0c1603a8)
 2015-12-31 22:19:31 +11:00
Mark Andrews
b248438052 remove period 2015-12-31 14:34:44 +11:00
Mark Andrews
8725470692 4285. [security] Specific APL data could trigger a INSIST. 
(CVE-2015-8704) [RT #41396]

(cherry picked from commit 1b3d211802)
 2015-12-31 13:45:36 +11:00
Evan Hunt
a65eda95d0 [v9_10] fix geoip options 
4284.	[bug]		Some GeoIP options were incorrectly documented
			using abbreviated forms which were not accepted by
			named.  The code has been updated to allow both
			long and abbreviated forms. [RT #41381]
 2015-12-26 10:51:30 -08:00
Mukund Sivaraman
f2d05dbb6f Update notes.xml for #40996 
(cherry picked from commit 6960e7fd12)
 2015-12-15 18:07:06 +05:30
Evan Hunt
4db36f766e [v9_10] disallow map zones in response-policy 
4269.	[bug]		Zones using "map" format master files currently
			don't work as policy zones.  This limitation has
			now been documented; attempting to use such zones
			in "response-policy" statements is now a
			configuration error.  [RT #38321]
 2015-12-02 21:10:43 -08:00
Mark Andrews
19cce81c83 update description 
(cherry picked from commit 7bde79b32a)
 2015-12-03 15:43:12 +11:00
Mark Andrews
2b478a7e20 Add CVE-2015-8461 
(cherry picked from commit ff2f98076c)
 2015-12-03 15:31:47 +11:00
Mark Andrews
ef070eb5e7 spelling 
(cherry picked from commit cbc660172d)
 2015-11-20 14:55:48 +11:00
Mark Andrews
a089f3bc84 note the address changes for H.ROOT-SERVERS.NET 
(cherry picked from commit b57276f89e)
 2015-11-18 11:09:13 +11:00
Evan Hunt
76ac8417e1 [v9_10] typo 2015-11-16 18:21:41 -08:00
Mark Andrews
3a4c24c4a5 4260. [security] Insufficient testing when parsing a message allowed 
records with an incorrect class to be be accepted,
                        triggering a REQUIRE failure when those records
                        were subsequently cached. (CVE-2015-8000) [RT #4098]

(cherry picked from commit c8821d124c)
 2015-11-16 13:21:54 +11:00
Mark Andrews
96195d06ec cleanup trailing white space in SGML like files 2015-10-22 16:11:02 +11:00
Tinderbox User
92c7eabe72 update copyright notice / whitespace 2015-10-06 23:45:53 +00:00
Evan Hunt
cb2b92bcd0 [v9_10] upgrade doc toolchain 
4237.	[doc]		Upgraded documentation toolchain to use DocBook 5
			and dblatex. [RT #40766]
 2015-10-05 22:00:42 -07:00
Mukund Sivaraman
450f4f0ef8 Fix notes and CHANGES for #40761 
(cherry picked from commit 56ebb560a1)
 2015-10-06 05:45:39 +05:30
Mukund Sivaraman
4039647930 Update the default value for number of UDP listeners (#40761) 
(cherry picked from commit 930719e876)
 2015-10-03 07:13:14 +05:30
Mark Andrews
7677f0083f 4217. [protocol] Add support for CSYNC. [RT #40532] 
(cherry picked from commit f6e45a5c54)
 2015-09-18 23:47:54 +10:00
Mark Andrews
5641a85a11 4214. [protocol] Add support for TALINK. [RT #40544] 
(cherry picked from commit e0a30050c8)
 2015-09-18 07:45:47 +10:00
Mark Andrews
8431a9d3c1 4199. [protocol] Add support for NINFO, RKEY, SINK, TA. 
[RT #40545] [RT #40547] [RT #40561] [RT #40563]

(cherry picked from commit 5a49f61ca9)
 2015-09-11 17:36:18 +10:00