Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

Open Menu /external/mpl/bind/dist/doc/arm/notes-sec-fixes.xml 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<!--
 - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 -
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
 -
 - See the COPYRIGHT file distributed with this work for additional
 - information regarding copyright ownership.
-->

<section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
  <itemizedlist>
    <listitem>
      <para>
        A race condition could trigger an assertion failure when
        a large number of incoming packets were being rejected.
        This flaw is disclosed in CVE-2019-6471. [GL #942]
      </para>
    </listitem>
    <listitem>
      <para>
	<command>named</command> could crash with an assertion failure
	if a forwarder returned a referral, rather than resolving the
	query, when QNAME minimization was enabled.  This flaw is
	disclosed in CVE-2019-6476. [GL #1501]
      </para>
    </listitem>
    <listitem>
      <para>
	A flaw in DNSSEC verification when transferring mirror zones
	could allow data to be incorrectly marked valid. This flaw
	is disclosed in CVE-2019-6475. [GL #16P]
      </para>
    </listitem>
  </itemizedlist>
</section>