deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
buildroot/package/bind
History
Peter Korsgaard e14d89d5e0 bind: security bump to version 9.11-P1 
Fixes the following security issues:

CVE-2017-3140 is a denial-of-service vulnerability affecting 9.9.10,
9.10.5, 9.11.0->9.11.1, 9.9.10-S1, and 9.10.5-S1 when configured with
Response Policy Zones (RPZ) utilizing NSIP or NSDNAME rules.

https://kb.isc.org/article/AA-01495/74/CVE-2017-3140

CVE-2017-3141 is a Windows privilege escalation vector affecting
9.2.6-P2+, 9.3.2-P1+, 9.4.x, 9.5.x, 9.6.x, 9.7.x, 9.8.x, 9.9.0->9.9.10,
9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, and 9.10.5-S1.  The
BIND Windows installer failed to properly quote the service paths,
possibly allowing a local user to achieve privilege escalation, if
allowed by file system permissions.

https://kb.isc.org/article/AA-01496/74/CVE-2017-3141

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 		2017-06-20 23:14:16 +02:00
..
0002-cross.patch bind: not available for static builds 2014-11-28 12:07:52 +01:00
0003-Rename-ptrsize-to-ptr_size.patch bind: rename ptrsize to ptr_size in the code 2016-01-26 23:05:40 +01:00
Config.in package/b*/Config.in: fix help text wrapping 2017-05-11 23:26:49 +02:00
S81named package: Replace 'echo -n' by 'printf' 2015-10-04 00:56:41 +02:00
bind.hash bind: security bump to version 9.11-P1 2017-06-20 23:14:16 +02:00
bind.mk bind: security bump to version 9.11-P1 2017-06-20 23:14:16 +02:00
named.service bind: Add systemd unit file and install it to run at startup. 2015-01-12 22:22:20 +01:00