git.libre-soc.org Git - buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Sat, 1 May 2021 11:02:59 +0000 (13:02 +0200)
committer	Yann E. MORIN <yann.morin.1998@free.fr>
	Sat, 1 May 2021 12:57:33 +0000 (14:57 +0200)
commit	862609b389dbcae688fd23d31973653741dd48e6
tree	27fff570c6fbb47047c17ee031e6c370d0794740	tree
parent	ea8c74000883e102c5642f35013dbc8bd14a235d	commit \| diff

package/bind: security bump to version 9.11.31

Fixes the following security issues:

- A malformed incoming IXFR transfer could trigger an assertion failure in
  named, causing it to quit abnormally.  (CVE-2021-25214)

- named crashed when a DNAME record placed in the ANSWER section during
  DNAME chasing turned out to be the final answer to a client query.
  (CVE-2021-25215)

- When a server's configuration set the tkey-gssapi-keytab or
  tkey-gssapi-credential option, a specially crafted GSS-TSIG query could
  cause a buffer overflow in the ISC implementation of SPNEGO (a protocol
  enabling negotiation of the security mechanism used for GSSAPI
  authentication).  This flaw could be exploited to crash named binaries
  compiled for 64-bit platforms, and could enable remote code execution when
  named was compiled for 32-bit platforms.  (CVE-2021-25216)

For more details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.31/RELEASE-NOTES-bind-9.11.31.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/bind/bind.hash		diff \| blob \| history
package/bind/bind.mk		diff \| blob \| history