Age | Commit message (Collapse) | Author | Files | Lines |
|
triggerable assertion failure in pk11.c
Change-Id: Idb5f01dbc5d4f4827a2d420e5c4720f36e81540e
|
|
Free ctx on invalid siglen
Change-Id: I7682b5711d9799f117021c3dc96881593311b061
|
|
Free eckey on siglen mismatch
Change-Id: Ib10c4b6fc1edd71ad9a3306db22754b99a08e3e5
|
|
Limit the amount of database lookups that can be triggered in
fctx_getaddresses() (i.e. when determining the name server addresses to
query next) by setting a hard limit on the number of NS RRs processed
for any delegation encountered. Without any limit in place, named can
be forced to perform large amounts of database lookups per each query
received, which severely impacts resolver performance.
The limit used (20) is an arbitrary value that is considered to be big
enough for any sane DNS delegation.
(cherry picked from commit 3a44097f)
Change-Id: I91033c9ff4a70c55b32c80e9eb3cf35309b79384
|
|
DNAME to be processed to resolve itself
See merge request isc-private/bind9!281
https://kb.isc.org/v1/docs/cve-2021-25215
Change-Id: Ibd8d0ee0e637eda7d4540c567dca6a7569f04058
|
|
See merge request isc-private/bind9!235
https://kb.isc.org/v1/docs/cve-2020-8625
Change-Id: Ic341e6aa2d32084c7c50f53dff9e70a219b5ddd6
|
|
forwarding [TEST] [v9.16]
See merge request isc-projects/bind9!4042
https://kb.isc.org/v1/docs/cve-2020-8621
Change-Id: I754eb4efae881f57f5dea2bfada27d4208e0c4b7
|
|
Change-Id: I927c881925cd7d9bc9a275fd846505d503b43a9b
|
|
Change-Id: I122b98d3f939c6e8533ee78070a065b6bec17085
|
|
Change-Id: I04261b1d3d81ead0a7732834f02fc4219d86f5aa
|
|
Change-Id: I9862c8cce19b946c136679f28ba5ecbf59eed586
|