diff options
Diffstat (limited to 'doc/arm/Bv9ARM.ch09.html')
-rw-r--r-- | doc/arm/Bv9ARM.ch09.html | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index d1f0328b099c8..3511016ed7d63 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -45,7 +45,7 @@ <div class="toc"> <p><b>Table of Contents</b></p> <dl> -<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2563593">Release Notes for BIND Version 9.9.8-P2</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2563593">Release Notes for BIND Version 9.9.8-P3</a></span></dt> <dd><dl> <dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_intro">Introduction</a></span></dt> <dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_download">Download</a></span></dt> @@ -60,7 +60,7 @@ </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2563593"></a>Release Notes for BIND Version 9.9.8-P2</h2></div></div></div> +<a name="id2563593"></a>Release Notes for BIND Version 9.9.8-P3</h2></div></div></div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> <a name="relnotes_intro"></a>Introduction</h3></div></div></div> @@ -68,6 +68,11 @@ This document summarizes changes since BIND 9.9.8: </p> <p> + BIND 9.9.8-P3 addresses the security issue described in CVE-2015-8704. + It also fixes a serious regression in authoritative server selection + that was introduced in 9.9.8. + </p> +<p> BIND 9.9.8-P2 addresses security issues described in CVE-2015-3193 (OpenSSL), CVE-2015-8000 and CVE-2015-8461. </p> @@ -91,13 +96,13 @@ <a name="relnotes_security"></a>Security Fixes</h3></div></div></div> <div class="itemizedlist"><ul type="disc"> <li><p> - Named is potentially vulnerable to the OpenSSL vulnerabilty - described in CVE-2015-3193. + Specific APL data could trigger an INSIST. This flaw + was discovered by Brian Mitchell and is disclosed in + CVE-2015-8704. [RT #41396] </p></li> <li><p> - Incorrect reference counting could result in an INSIST - failure if a socket error occurred while performing a - lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945] + Named is potentially vulnerable to the OpenSSL vulnerabilty + described in CVE-2015-3193. </p></li> <li><p> Insufficient testing when parsing a message allowed @@ -106,6 +111,11 @@ were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987] </p></li> +<li><p> + Incorrect reference counting could result in an INSIST + failure if a socket error occurred while performing a + lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945] + </p></li> </ul></div> </div> <div class="sect2" lang="en"> @@ -123,7 +133,11 @@ <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> <a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div> -<div class="itemizedlist"><ul type="disc"><li><p>None</p></li></ul></div> +<div class="itemizedlist"><ul type="disc"><li><p> + Authoritative servers that were marked as bogus (e.g. blackholed + in configuration or with invalid addresses) were being queried + anyway. [RT #41321] + </p></li></ul></div> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> @@ -163,6 +177,6 @@ </tr> </table> </div> -<p style="text-align: center;">BIND 9.9.8-P2 (Extended Support Version)</p> +<p style="text-align: center;">BIND 9.9.8-P3 (Extended Support Version)</p> </body> </html> |