mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-04 06:10:16 +03:00
bind: security bump to version 9.11.1-P2
Fixes the following security issues: CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone transfers An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: * providing an AXFR of a zone to an unauthorized recipient * accepting bogus NOTIFY packets https://kb.isc.org/article/AA-01504/74/CVE-2017-3142 CVE-2017-3041: An error in TSIG authentication can permit unauthorized dynamic updates An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. https://kb.isc.org/article/AA-01503/74/CVE-2017-3143 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Peter Korsgaard
committed by
Thomas Petazzoni
Thomas Petazzoni
parent
d2a151cea0
commit
a0c53973f8
@@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
BIND_VERSION = 9.11.1-P1
|
||||
BIND_VERSION = 9.11.1-P2
|
||||
BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
|
||||
# bind does not support parallel builds.
|
||||
BIND_MAKE = $(MAKE1)
|
||||
|
||||
Reference in New Issue
Block a user