mirror of
https://github.com/isc-projects/bind9.git
synced 2026-03-06 23:40:25 -05:00
2f37ab1dac
Intertwining release notes from different BIND releases in a single XML file has caused confusion in the past due to different (and often arbitrary) approaches to keeping/removing release notes from older releases on different BIND branches. Divide doc/arm/notes.xml into per-version sections to simplify determining the set of changes introduced by a given release and to make adding/reviewing release notes less error-prone.
34 lines
1.2 KiB
XML
34 lines
1.2 KiB
XML
<!--
|
|
- Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
-
|
|
- This Source Code Form is subject to the terms of the Mozilla Public
|
|
- License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
-
|
|
- See the COPYRIGHT file distributed with this work for additional
|
|
- information regarding copyright ownership.
|
|
-->
|
|
|
|
<section xml:id="relnotes-9.15.5"><info><title>Notes for BIND 9.15.5</title></info>
|
|
|
|
<section xml:id="relnotes-9.15.5-security"><info><title>Security Fixes</title></info>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
<command>named</command> could crash with an assertion failure
|
|
if a forwarder returned a referral, rather than resolving the
|
|
query, when QNAME minimization was enabled. This flaw is
|
|
disclosed in CVE-2019-6476. [GL #1051]
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
A flaw in DNSSEC verification when transferring mirror zones
|
|
could allow data to be incorrectly marked valid. This flaw
|
|
is disclosed in CVE-2019-6475. [GL #1252]
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</section>
|
|
|
|
</section>
|