Hi, NSD 4.3.4rc1 pre-release is available: https://nlnetlabs.nl/downloads/nsd/nsd-4.3.4rc1.tar.gz sha256 225d4a635170ac6836759b39544ea14a7a44ccc0a1a3a1d748cb0cdc7b7c6fc5 pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.3.4rc1.tar.gz.asc
This release fixes CVE-2020-28935, this solves a problem where the pidfile is altered by a symlink, and fails if a symlink is encountered. See https://nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt for more information. Also there are bug fixes and the syntax of the RR type ZONEMD can be used in zonefiles. 4.3.4 ================ FEATURES: - Merge PR #141: ZONEMD RR type. BUG FIXES: - Fix #129: ambiguous use of errno, in log message if sendmmsg fails. - Fix #128: Fix that the invalid port number is logged for sendmmsg failed: Invalid argument. - Fix #127: two minor `-Wcast-qual` cleanups - Fix #126: minor header hygiene - Fix #125: include config.h in compat/setproctitle.c and fix prototype of `setproctitle` - Fix #133: fix 0-init of local ( stack ) buffer. - Fix missing parenthesis on size of fix to init buffer. - Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN. - Fix to add missing closest encloser NSEC3 for wildcard nodata type DS answer. - Remove unused init_cfg_parse routine from configlexer. - Fix #138: NSD returns non-EDNS answer when QUESTION is empty. - Fix #142: NODATA answers missin SOA in authority section after CNAME chain. - Fix for CVE-2020-28935 : Fix that symlink does not interfere with chown of pidfile. Best regards, Wouter _______________________________________________ nsd-users mailing list [email protected] https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
