CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2024/02/13 07:13:32
Modified files:
net/isc-bind : Tag: OPENBSD_7_4 Makefile distinfo
net/isc-bind/patches: Tag: OPENBSD_7_4
patch-lib_isc_netmgr_netmgr_c
Log message:
update to isc-bind-9.18.24
Validating DNS messages containing a lot of DNSSEC signatures could
cause excessive CPU load, leading to a denial-of-service condition.
(CVE-2023-50387)
Preparing an NSEC3 closest encloser proof could cause excessive CPU
load, leading to a denial-of-service condition. (CVE-2023-50868)
Parsing DNS messages with many different names could cause excessive CPU
load. (CVE-2023-4408)
Specific queries could cause named to crash with an assertion failure
when nxdomain-redirect was enabled. (CVE-2023-5517)
A bad interaction between DNS64 and serve-stale could cause named to
crash with an assertion failure, when both of these features were
enabled. (CVE-2023-5679)
Under certain circumstances, the DNS-over-TLS client code incorrectly
attempted to process more than one DNS message at a time, which could
cause named to crash with an assertion failure.
