Tinderbox User
e01f04d64f
regen v9_9
2015-08-16 01:13:36 +00:00
Evan Hunt
593fe634ce
[v9_9] fix the o umlaut for HTML and TXT too
2015-08-14 19:58:21 -07:00
Tinderbox User
0bdc6b5f60
regen v9_9
2015-08-14 01:12:38 +00:00
Tinderbox User
1820a3a14a
update copyright notice / whitespace
2015-08-13 23:46:17 +00:00
Evan Hunt
0fd8edc3c7
[v9_9] add CVE number
2015-08-13 15:31:39 -07:00
Tinderbox User
c85be0c8ec
document omlaut
...
(cherry picked from commit f619a2035b
2015-08-14 06:45:33 +10:00
Tinderbox User
4103379b9f
support umlaut 'o'
...
(cherry picked from commit a73d9c0b4d
2015-08-14 05:52:23 +10:00
Evan Hunt
08de7b3790
[v9_9] xml doesn't define ö
2015-08-12 18:16:50 -07:00
Evan Hunt
75f4d49205
[v9_9] fix length check in OPENPGPKEY
...
4170. [security] An incorrect boundary check in the OPENPGPKEY
rdatatype could trigger an assertion failure.
[RT #40286 ]
2015-08-11 20:02:45 -07:00
Tinderbox User
2efa02bae5
regen v9_9
2015-08-08 01:17:32 +00:00
Evan Hunt
0d83784a75
[v9_9] address buffer accounting error
...
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212 ]
(cherry picked from commit ce9f893e21
2015-08-07 13:22:40 -07:00
Tinderbox User
c0fef5552a
regen v9_9
2015-08-07 01:15:03 +00:00
Evan Hunt
7a4e4c17a3
[v9_9] remove spurious "None"
2015-08-06 14:17:05 -07:00
Evan Hunt
f30ac9e0f1
[v9_9] revert incorrect 'correction'
2015-08-05 12:15:44 -07:00
Tinderbox User
0cd1091ce6
regen v9_9
2015-08-01 01:16:11 +00:00
Evan Hunt
c61fd79b0a
[v9_9] corrected relnotes -- assertion in name.c not message.c
2015-07-31 12:03:49 -07:00
Tinderbox User
7e8a691744
regenerate
2015-07-31 14:02:36 +00:00
Tinderbox User
e846218545
regen v9_9
2015-07-31 13:31:50 +00:00
Tinderbox User
06325cd2e2
regen v9_9
2015-07-24 01:12:20 +00:00
Mark Andrews
9115ff0255
whitespace
2015-07-23 19:52:25 +10:00
Tinderbox User
ff710362d9
regen v9_9
2015-07-21 01:12:42 +00:00
Evan Hunt
9ff2198baf
[v9_9] add missing doc section on max-recursion-{depth,queries}
2015-07-20 15:30:26 -07:00
Tinderbox User
059561425f
regen v9_9
2015-07-15 01:12:12 +00:00
Mark Andrews
3fa6d28ea3
add CVE-2015-5477
2015-07-15 08:01:11 +10:00
Tinderbox User
aa1535671f
regen v9_9
2015-07-10 01:12:20 +00:00
Evan Hunt
ea36796f82
[v9_9] DDoS mitigation features
...
3938. [func] Added quotas to be used in recursive resolvers
that are under high query load for names in zones
whose authoritative servers are nonresponsive or
are experiencing a denial of service attack.
- "fetches-per-server" limits the number of
simultaneous queries that can be sent to any
single authoritative server. The configured
value is a starting point; it is automatically
adjusted downward if the server is partially or
completely non-responsive. The algorithm used to
adjust the quota can be configured via the
"fetch-quota-params" option.
- "fetches-per-zone" limits the number of
simultaneous queries that can be sent for names
within a single domain. (Note: Unlike
"fetches-per-server", this value is not
self-tuning.)
- New stats counters have been added to count
queries spilled due to these quotas.
These options are not available by default;
use "configure --enable-fetchlimit" (or
--enable-developer) to include them in the build.
See the ARM for details of these options. [RT #37125 ]
2015-07-08 23:00:58 -07:00
Tinderbox User
363cc9876a
regen v9_9
2015-07-08 01:12:11 +00:00
Mark Andrews
5e210b5fe5
4158. [protocol] Support the printing of EDNS COOKIE options.
...
[RT #39928 ]
2015-07-07 15:49:36 +10:00
Tinderbox User
e12e9426c1
regen v9_9
2015-06-25 01:12:23 +00:00
Mark Andrews
07ab217f7f
4143. [bug] serial-query-rate was not effective for notify.
...
[RT #39858 ]
(cherry picked from commit be4b9178f0
2015-06-24 20:55:30 +10:00
Tinderbox User
e2e9af23ac
regen v9_9
2015-06-19 01:12:51 +00:00
Mukund Sivaraman
e6b7e545b5
Add comma
...
(cherry picked from commit f4d1c19691f38cbc4cc9
2015-06-17 12:26:40 +05:30
Mark Andrews
0bf16e3d36
add release notes for CVE-2015-4620
...
(cherry picked from commit 572e95f52a
2015-06-17 11:22:03 +10:00
Tinderbox User
ed2fcdc27f
regen v9_9
2015-06-06 01:17:24 +00:00
Mark Andrews
1aeff7e839
update rpz doc as per rt39703
2015-06-05 11:18:20 +10:00
Tinderbox User
ceed6cbf1a
regen v9_9
2015-06-05 01:12:25 +00:00
Tinderbox User
007cc2f36f
regen v9_9
2015-05-29 01:12:09 +00:00
Tinderbox User
11884ddefe
Merge branch 'v9_9' of ssh://repo.isc.org/proj/git/prod/bind9 into v9_9
2015-05-29 01:08:49 +00:00
Tinderbox User
2a71b08491
update copyright notice / whitespace
2015-05-28 23:46:13 +00:00
Tinderbox User
baecf74879
regen v9_9
2015-05-28 01:12:04 +00:00
Mark Andrews
f381cb86da
4127. [protocol] CDS and CDNSKEY need to be signed by the key signing
...
key as per RFC 7344, Section 4.1. [RT #37215 ]
(cherry picked from commit 598b502695
2015-05-27 15:45:46 +10:00
Mark Andrews
aec5c211a9
4117. [protocol] Add EMPTY.AS112.ARPA as per RFC 7534.
...
(cherry picked from commit 8f20f6c9d7
2015-05-15 08:23:43 +10:00
Tinderbox User
985cabe465
regen v9_9
2015-05-05 01:12:43 +00:00
Tinderbox User
7dc09dd9ab
regen v9_9
2015-04-25 01:16:00 +00:00
Mark Andrews
63cab783fa
4109. [port] linux: support reading the local port range from
...
net.ipv4.ip_local_port_range. [RT # 39379]
2015-04-25 08:28:17 +10:00
Tinderbox User
8fae5f5da8
regen v9_9
2015-04-16 01:12:15 +00:00
Evan Hunt
ef6df1745c
[v9_9] fix +split with dig +short
...
4101. [bug] dig: the +split option didn't work with +short.
[RT #39291 ]
2015-04-15 10:09:01 -07:00
Tinderbox User
4ef68de38f
regen v9_9
2015-04-09 01:12:30 +00:00
Evan Hunt
df3550ef06
[v9_9] hold a reference on fetch context during query
...
4094. [bug] A race during shutdown or reconfiguration could
cause an assertion in mem.c. [RT #38979 ]
(cherry picked from commit 2cfe85e6ee33ec97102b6e2e80c86f827bba8594)
(cherry picked from commit 4426003759850ebef210abd2fa339b57ddda3355)
2015-04-08 13:54:05 -07:00
Tinderbox User
84e03d24a4
regen v9_9
2015-04-07 01:12:29 +00:00
