drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Knot
Name: |
Mehrere Probleme in Knot |
|
ID: |
FEDORA-2017-038e821698 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 25 |
|
Datum: |
Do, 9. März 2017, 16:42 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Knot |
|
Originalnachricht |
Name : knot Product : Fedora 25 Version : 2.4.1 Release : 1.fc25 URL : http://www.knot-dns.cz Summary : High-performance authoritative DNS server Description : Knot DNS is a high-performance authoritative DNS server implementation.
------------------------------------------------------------------------------- - Update Information:
Knot Resolver 1.2.3 (2017-02-23) ================================ Bugfixes -------- - Disable storing GLUE records into the cache even in the (non- default) QUERY_PERMISSIVE mode - iterate: skip answer RRs that don't match the query - layer/iterate: some additional processing for referrals - lib/resolve: zonecut fetching error was fixed Knot Resolver 1.2.2 (2017-02-10) ================================ Bugfixes: --------- - Fix -k argument processing to avoid out-of-bounds memory accesses - lib/resolve: fix zonecut fetching for explicit DS queries - hints: more NULL checks - Fix TA bootstrapping for multiple TAs in the IANA XML file Testing: -------- - Update tests to run tests with and without QNAME minimization Knot Resolver 1.2.1 (2017-02-01) ==================================== Security: --------- - Under certain conditions, a cached negative answer from a CD query would be reused to construct response for non-CD queries, resulting in Insecure status instead of Bogus. Only 1.2.0 release was affected. Documentation ------------- - Update the typo in the documentation: The query trace policy is named policy.QTRACE (and not policy.TRACE) Bugfixes: --------- - lua: make the map command check its arguments Knot DNS 2.4.1 (2017-02-10) =========================== Bugfixes: -------- - Transfer of a huge rrset goes into an infinite loop - Huge response over TCP contains useless TC bit instead of SERVFAIL - Failed to build utilities with disabled daemon - Memory leaks during keys removal - Rough TSIG packet reservation causes early truncation - Minor out-of-bounds string termination write in rrset dump - Server crash during stop if failed to open timers DB - Poor minimum UDP-max-size configuration check - Failed to receive one-record-per-message IXFR-style AXFR - Kdig timeouts when receiving RCODE != NOERROR on subsequent transfer message Improvements: ------------- - Speed-up of rdata addition into a huge rrset - Introduce check of minumum timeout for next refresh - Dnsproxy module can forward all queries without local resolving ---- Latest upstream release. Includes bugfixes for DNSSEC key management. ---- Latest upstream versions with bunch of impotant bugfixes. ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|