-
Tue Mar 12 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-14.4
- Rebuild with correct z-stream tag again
-
Wed Feb 28 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-14.3
- Rebuild together with bind-dyndb-ldap to adjust ABI changes
-
Mon Feb 19 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-14.2
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387
-
Mon Feb 12 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-14.1
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)
-
Wed Sep 20 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-14
- Limit the amount of recursion possible in control channel (CVE-2023-3341)
-
Mon Jun 26 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-13
- Prevent possible endless loop when refreshing stale data (CVE-2023-2911)
-
Tue Jun 20 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-12
- Strengten cache cleaning to prevent overflowing configured limit
(CVE-2023-2828)
-
Mon Feb 27 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-11
- Correct backport issue in statistics rendering fix (#2126912)
-
Sat Feb 25 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-10
- Handle subtle difference between upstream and rhel (CVE-2022-3094)
-
Wed Feb 08 2023 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-9
- Prevent flooding with UPDATE requests (CVE-2022-3094)
- Handle RRSIG queries when server-stale is active (CVE-2022-3736)
- Fix crash when soft-quota is reached and serve-stale is active (CVE-2022-3924)