path: root/package/python3
diff options
authorGravatar Peter Korsgaard <peter@korsgaard.com>2021-02-18 09:22:26 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2021-02-22 14:35:10 +0100
commit6376decbda3b1373dfaa5a67ff5cb37f0276a7dc (patch)
tree2b73b77da1245f2c0dc1e08e2d0569fc95dcd210 /package/python3
parente41b170b328cc086334948ff3b8038075e2c09ce (diff)
package/bind: security bump to version 9.11.28
Fixes the following security issue: - CVE-2020-8625: When tkey-gssapi-keytab or tkey-gssapi-credential was configured, a specially crafted GSS-TSIG query could cause a buffer overflow in the ISC implementation of SPNEGO (a protocol enabling negotiation of the security mechanism to use for GSSAPI authentication). This flaw could be exploited to crash named. Theoretically, it also enabled remote code execution, but achieving the latter is very difficult in real-world conditions For details, see the advisory: https://kb.isc.org/docs/cve-2020-8625 In addition, 9.11.26-27 fixed a number of issues, see the release notes for details: https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html Drop now upstreamed patches, update the GPG key for the 2021-2022 variant and update the COPYRIGHT hash for a change of year: -Copyright (C) 1996-2020 Internet Systems Consortium, Inc. ("ISC") +Copyright (C) 1996-2021 Internet Systems Consortium, Inc. ("ISC") Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/python3')
0 files changed, 0 insertions, 0 deletions