diff options
Diffstat (limited to 'doc/arm/notes.html')
| -rw-r--r-- | doc/arm/notes.html | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/doc/arm/notes.html b/doc/arm/notes.html index fe1f686b83472..77019262df24a 100644 --- a/doc/arm/notes.html +++ b/doc/arm/notes.html @@ -21,7 +21,7 @@ </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article" lang="en"><div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2542126"></a>Release Notes for BIND Version 9.9.8-P2</h2></div></div></div> +<a name="id2542126"></a>Release Notes for BIND Version 9.9.8-P3</h2></div></div></div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> <a name="relnotes_intro"></a>Introduction</h3></div></div></div> @@ -29,6 +29,11 @@ This document summarizes changes since BIND 9.9.8: </p> <p> + BIND 9.9.8-P3 addresses the security issue described in CVE-2015-8704. + It also fixes a serious regression in authoritative server selection + that was introduced in 9.9.8. + </p> +<p> BIND 9.9.8-P2 addresses security issues described in CVE-2015-3193 (OpenSSL), CVE-2015-8000 and CVE-2015-8461. </p> @@ -52,13 +57,13 @@ <a name="relnotes_security"></a>Security Fixes</h3></div></div></div> <div class="itemizedlist"><ul type="disc"> <li><p> - Named is potentially vulnerable to the OpenSSL vulnerabilty - described in CVE-2015-3193. + Specific APL data could trigger an INSIST. This flaw + was discovered by Brian Mitchell and is disclosed in + CVE-2015-8704. [RT #41396] </p></li> <li><p> - Incorrect reference counting could result in an INSIST - failure if a socket error occurred while performing a - lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945] + Named is potentially vulnerable to the OpenSSL vulnerabilty + described in CVE-2015-3193. </p></li> <li><p> Insufficient testing when parsing a message allowed @@ -67,6 +72,11 @@ were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987] </p></li> +<li><p> + Incorrect reference counting could result in an INSIST + failure if a socket error occurred while performing a + lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945] + </p></li> </ul></div> </div> <div class="sect2" lang="en"> @@ -84,7 +94,11 @@ <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> <a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div> -<div class="itemizedlist"><ul type="disc"><li><p>None</p></li></ul></div> +<div class="itemizedlist"><ul type="disc"><li><p> + Authoritative servers that were marked as bogus (e.g. blackholed + in configuration or with invalid addresses) were being queried + anyway. [RT #41321] + </p></li></ul></div> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> |