0b2a0db4dc
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two potential cache poisoning vulnerabilities, both of which could allow a validating recursive nameserver to cache data which had not been authenticated or was invalid. CVE identifiers: CVE-2009-4022, CVE-2010-0097 CERT advisories: VU#418861, VU#360341 Changes since 9.5.2-P1: 2831. [security] Do not attempt to validate or cache out-of-bailiwick data returned with a secure answer; it must be re-fetched from its original source and validated in that context. [RT #20819] 2828. [security] Cached CNAME or DNAME RR could be returned to clients without DNSSEC validation. [RT #20737] 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] |
||
|---|---|---|
| .. | ||
| files | ||
| patches | ||
| buildlink3.mk | ||
| builtin.mk | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| options.mk | ||
| PLIST | ||