openSUSE Build Service

Dominique Leuenberger (dimstar_suse) accepted request 525963 from

mrdocs over 6 years ago (revision 127)

Dominique Leuenberger (dimstar_suse) accepted request 521995 from

Marcus Meissner (msmeissn) over 6 years ago (revision 126)

- Enable JSON statistics

Dominique Leuenberger (dimstar_suse) accepted request 510389 from

Dirk Mueller (dirkmueller) almost 7 years ago (revision 125)

Dominique Leuenberger (dimstar_suse) accepted request 507946 from

mrdocs almost 7 years ago (revision 124)

Dominique Leuenberger (dimstar_suse) accepted request 496968 from

Marcus Meissner (msmeissn) almost 7 years ago (revision 123)

a- Fix named init script to dynamically find the location of the
   openssl engines (boo#1040027). (forwarded request 496935 from dimstar)

Yuchen Lin (maxlin_factory) accepted request 482314 from

Marcus Meissner (msmeissn) about 7 years ago (revision 122)

Dominique Leuenberger (dimstar_suse) accepted request 459475 from

Marcus Meissner (msmeissn) about 7 years ago (revision 121)

Dominique Leuenberger (dimstar_suse) accepted request 457428 from

Navin Kukreja (nkukreja) about 7 years ago (revision 120)

Dominique Leuenberger (dimstar_suse) accepted request 452040 from

Dirk Mueller (dirkmueller) over 7 years ago (revision 119)

Dominique Leuenberger (dimstar_suse) accepted request 438333 from

Marcus Meissner (msmeissn) over 7 years ago (revision 118)

Apply cve-2016-8864.patch to fix CVE-2016-8864 (bsc#1007829). (forwarded request 438189 from psimons)

Dominique Leuenberger (dimstar_suse) accepted request 430623 from

Ismail Dönmez (namtrac) over 7 years ago (revision 117)

Dominique Leuenberger (dimstar_suse) accepted request 404235 from

Factory Maintainer (factory-maintainer) almost 8 years ago (revision 116)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 390129 from

Rusmir Duško (nemysis) about 8 years ago (revision 115)

Dominique Leuenberger (dimstar_suse) accepted request 370068 from

Reinhard Max (rmax) about 8 years ago (revision 114)

- Security update 9.10.3-P3:
  * CVE-2016-1285, bsc#970072: assert failure on input parsing can
    cause premature exit.
  * CVE-2016-1286, bsc#970073: An error when parsing signature
    records for DNAME can lead to named exiting due to an assertion
    failure.
  * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet
    containing multiple cookie options to cause named to terminate
    with an assertion failure.

Dominique Leuenberger (dimstar_suse) accepted request 361595 from

Dirk Mueller (dirkmueller) about 8 years ago (revision 113)

Dominique Leuenberger (dimstar_suse) accepted request 354931 from

Reinhard Max (rmax) over 8 years ago (revision 112)

- Security update 9.10.3-P3:
  * Specific APL data could trigger an INSIST (CVE-2015-8704,
    bsc#962189).
  * Certain errors that could be encountered when printing out or
    logging an OPT record containing a CLIENT-SUBNET option could
    be mishandled, resulting in an assertion failure
    (CVE-2015-8705, bsc#962190).
  * Authoritative servers that were marked as bogus (e.g.
    blackholed in configuration or with invalid addresses) were
    being queried anyway.

Dominique Leuenberger (dimstar_suse) accepted request 350227 from

Reinhard Max (rmax) over 8 years ago (revision 111)

- Update to version 9.10.3-P2 to fix a remote denial of service by
  misparsing incoming responses (CVE-2015-8000, bsc#958861).

Dominique Leuenberger (dimstar_suse) accepted request 336452 from

Reinhard Max (rmax) over 8 years ago (revision 110)

- Avoid double %setup, it confuses some versions of quilt.
- Summary/description update (forwarded request 336332 from jengelh)

Dominique Leuenberger (dimstar_suse) accepted request 333033 from

Lars Müller (lmuelle) over 8 years ago (revision 109)

Dominique Leuenberger (dimstar_suse) accepted request 319467 from

Lars Müller (lmuelle) almost 9 years ago (revision 108)

- Update to version 9.10.2-P3
  Security Fixes
  * A specially crafted query could trigger an assertion failure in message.c.
    This flaw was discovered by Jonathan Foote, and is disclosed in
    CVE-2015-5477. [RT #39795]
  * On servers configured to perform DNSSEC validation, an assertion failure
    could be triggered on answers from a specially configured server.
    This flaw was discovered by Breno Silveira Soares, and is disclosed
    in CVE-2015-4620. [RT #39795]
  Bug Fixes
  * Asynchronous zone loads were not handled correctly when the zone load was
    already in progress; this could trigger a crash in zt.c. [RT #37573]
  * Several bugs have been fixed in the RPZ implementation:
    + Policy zones that did not specifically require recursion could be treated
      as if they did; consequently, setting qname-wait-recurse no; was
      sometimes ineffective. This has been corrected. In most configurations,
      behavioral changes due to this fix will not be noticeable. [RT #39229]
    + The server could crash if policy zones were updated (e.g. via
      rndc reload or an incoming zone transfer) while RPZ processing
      was still ongoing for an active query. [RT #39415]
    + On servers with one or more policy zones configured as slaves, if a
      policy zone updated during regular operation (rather than at startup)
      using a full zone reload, such as via AXFR, a bug could allow the RPZ
      summary data to fall out of sync, potentially leading to an assertion
      failure in rpz.c when further incremental updates were made to the zone,
      such as via IXFR. [RT #39567]
    + The server could match a shorter prefix than what was
      available in CLIENT-IP policy triggers, and so, an unexpected
      action could be taken. This has been corrected. [RT #39481]
    + The server could crash if a reload of an RPZ zone was initiated while

Places

Revisions of bind

Places