Commit 7ea45838 authored by Mark Andrews's avatar Mark Andrews Committed by Michał Kępień

Add release notes entry

parent 83965f70
......@@ -14,6 +14,14 @@ Notes for BIND 9.17.2
Security Fixes
~~~~~~~~~~~~~~
- To prevent exhaustion of server resources by a maliciously configured
domain, the number of recursive queries that can be triggered by a
request before aborting recursion has been further limited. Root and
top-level domain servers are no longer exempt from the
``max-recursion-queries`` limit. Fetches for missing name server
address records are limited to 4 for any domain. This issue was
disclosed in CVE-2020-8616. [GL #1388]
- Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. This was disclosed in CVE-2020-8617. [GL #1703]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment