763345 – net-dns/bind-9.16.10 bump request

Bug 763345 - net-dns/bind-9.16.10 bump request

Summary: net-dns/bind-9.16.10 bump request

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High major
Assignee:	Mikle Kolyada (RETIRED)

URL:	https://downloads.isc.org/isc/bind9/9...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-01-04 00:18 UTC by Krzysztof Olędzki
Modified:	2021-01-20 15:34 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Krzysztof Olędzki 2021-01-04 00:18:24 UTC

Bug Fixes in 9.16.10

    Handling of missing DNS COOKIE responses over UDP was tightened by falling back to TCP. [GL #2275]

    The CNAME synthesized from a DNAME was incorrectly followed when the QTYPE was CNAME or ANY. [GL #2280]

    Building with native PKCS#11 support for AEP Keyper has been broken since BIND 9.16.6. This has been fixed. [GL #2315]



Bug Fixes in 9.16.9

    named could crash with an assertion failure if a TCP connection were closed while a request was still being processed. [GL #2227]

    named acting as a resolver could incorrectly treat signed zones with no DS record at the parent as bogus. Such zones should be treated as insecure. This has been fixed. [GL #2236]

    After a Negative Trust Anchor (NTA) is added, BIND performs periodic checks to see if it is still necessary. If BIND encountered a failure while creating a query to perform such a check, it attempted to dereference a NULL pointer, resulting in a crash. [GL #2244]

    A problem obtaining glue records could prevent a stub zone from functioning properly, if the authoritative server for the zone were configured for minimal responses. [GL #1736]

    UV_EOF is no longer treated as a TCP4RecvErr or a TCP6RecvErr. [GL #2208]