Domain Name System (DNS) Server (named)

Edit Package bind

Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System. This package includes the components to operate a DNS server.

Refresh
Refresh
Source Files
Filename Size Changed
bind-9.18.24.tar.xz 0005515528 5.26 MB
bind-9.18.24.tar.xz.asc 0000000833 833 Bytes
bind-ldapdump-use-valid-host.patch 0000002541 2.48 KB
bind.changes 0000196013 191 KB
bind.conf 0000000444 444 Bytes
bind.keyring 0000009606 9.38 KB
bind.spec 0000022014 21.5 KB
dlz-schema.txt 0000006292 6.14 KB
dnszone-schema.txt 0000005637 5.5 KB
named.conf 0000000090 90 Bytes
named.root 0000003310 3.23 KB
vendor-files.tar.bz2 0000020398 19.9 KB
Latest Revision
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1146454 from Jorik Cronenberg's avatar Jorik Cronenberg (jcronenberg) (revision 205)
- Update to release 9.18.24
  Security Fixes:
  * Validating DNS messages containing a lot of DNSSEC signatures
    could cause excessive CPU load, leading to a denial-of-service
    condition. This has been fixed. (CVE-2023-50387)
    [bsc#1219823]
  * Preparing an NSEC3 closest encloser proof could cause excessiv
    CPU load, leading to a denial-of-service condition. This has
    been fixed. (CVE-2023-50868)
    [bsc#1219826]
  * Parsing DNS messages with many different names could cause
    excessive CPU load. This has been fixed. (CVE-2023-4408)
    [bsc#1219851]
  * Specific queries could cause named to crash with an assertion
    failure when nxdomain-redirect was enabled. This has been
    fixed. (CVE-2023-5517)
    [bsc#1219852]
  * A bad interaction between DNS64 and serve-stale could cause
    named to crash with an assertion failure, when both of these
    features were enabled. This has been fixed. (CVE-2023-5679)
    [bsc#1219853]
  * Query patterns that continuously triggered cache database
    maintenance could cause an excessive amount of memory to be
    allocated, exceeding max-cache-size and potentially leading to
    all available memory on the host running named being exhausted
    This has been fixed. (CVE-2023-6516)
    [bsc#1219854]
  * Under certain circumstances, the DNS-over-TLS client code
    incorrectly attempted to process more than one DNS message at a
    time, which could cause named to crash with an assertion
    failure. This has been fixed.
  Bug Fixes:
  * The counters exported via the statistics channel were changed
    back to 64-bit signed values; they were being inadvertently
    truncated to unsigned 32-bit values since BIND 9.15.0.
Comments 2


openSUSE Build Service is sponsored by