jonathan/bind
1
0
Fork 0
forked from rpms/bind
Code Pull Requests Activity
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
56 Commits 6 Branches 47 Tags 1.2 MiB
C 52.8%
Roff 23.8%
Shell 23.2%
Makefile 0.2%
12f1cd3444
Go to file
Petr Menšík 12f1cd3444 Fix CVE-2023-2911 
6192.	[security]	A query that prioritizes stale data over lookup
			triggers a fetch to refresh the stale data in cache.
			If the fetch is aborted for exceeding the recursion
			quota, it was possible for 'named' to enter an infinite
			callback loop and crash due to stack overflow. This has
			been fixed. (CVE-2023-2911) [GL #4089]

Resolves: CVE-2023-2911
2023-07-19 18:24:02 +02:00
tests Merged update from upstream sources 2021-01-12 20:05:29 +00:00
.gitignore Update 9.16.23 2021-11-23 11:26:51 +01:00
bind93-rh490837.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind97-exportlib.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind97-rh645544.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.5-dlz-64bit.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.5-PIE.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.9.1-P2-dlz-libdb.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.10-dist-native-pkcs11.patch Update to 9.16.16 2021-07-22 00:31:03 +02:00
bind-9.11-feature-test-named.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-fips-disable.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-fips-tests.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.11-kyua-pkcs11.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-rh1666814.patch Remove merged changes and update changed patch 2021-11-23 11:27:00 +01:00
bind-9.11-tests-variants.patch Update to 9.16.16 2021-07-22 00:31:03 +02:00
bind-9.11.12.tar.gz.asc RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.14-config-pkcs11.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.14-json-c.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.14.7.tar.gz.asc Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.16-CVE-2021-25220-test.patch Add tests for forwarder cache poisoning scenarios 2022-04-11 18:07:08 +02:00
bind-9.16-CVE-2021-25220.patch Tighten cache protection against record from forwarders 2022-04-11 18:00:59 +02:00
bind-9.16-CVE-2022-0396.patch [CVE-2022-0396] Resolve #3112 TCP sockets stuck in CLOSE_WAIT 2022-03-25 21:03:37 +01:00
bind-9.16-CVE-2022-2795.patch Bound the amount of work performed for delegations 2022-10-04 19:52:37 +02:00
bind-9.16-CVE-2022-3080.patch Fix CVE-2022-3080 2022-09-22 22:14:55 +02:00
bind-9.16-CVE-2022-3094-1.patch Fix small differences to upstream patches 2023-02-25 03:10:37 +01:00
bind-9.16-CVE-2022-3094-2.patch Prevent flooding with UPDATE requests 2023-02-08 18:47:31 +01:00
bind-9.16-CVE-2022-3094-3.patch Prevent flooding with UPDATE requests 2023-02-08 18:47:31 +01:00
bind-9.16-CVE-2022-3094-test.patch Fix small differences to upstream patches 2023-02-25 03:10:37 +01:00
bind-9.16-CVE-2022-3736.patch Handle RRSIG queries when server-stale is active 2023-02-09 17:28:30 +01:00
bind-9.16-CVE-2022-3924.patch Fix crash when soft-quota is reached and serve-stale is active 2023-02-09 17:52:04 +01:00
bind-9.16-CVE-2022-38177.patch Fix CVE-2022-38177 2022-09-22 22:14:56 +02:00
bind-9.16-CVE-2022-38178.patch Fix CVE-2022-38178 2022-09-22 22:14:56 +02:00
bind-9.16-CVE-2023-2828.patch Fix CVE-2023-2828 2023-07-19 18:09:09 +02:00
bind-9.16-CVE-2023-2911-1.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-CVE-2023-2911-2.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-CVE-2023-2911-3.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-redhat_doc.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.16-rh2101712.patch fixup! Have dns_zt_apply lock the zone table 2023-02-27 14:44:05 +01:00
bind-9.16-rh2133889.patch Add include to rwlocktype_t to dns/zt.h 2023-01-21 00:03:05 +01:00
bind.spec Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind.tmpfiles.d RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
Changes.md Merged update from upstream sources 2021-01-22 20:42:08 +00:00
ci.fmf Merged update from upstream sources 2021-01-12 20:05:29 +00:00
codesign2021.txt Merged update from upstream sources 2021-01-22 20:42:08 +00:00
gating.yaml Update gating for RHEL9 2021-08-26 12:45:34 +02:00
generate-rndc-key.sh Merged update from upstream sources 2021-01-22 20:42:08 +00:00
ldap2zone.c RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
makefile-replace-libs.py RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-chroot-setup.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-chroot.files Propagate system emphemeral ports to chroot 2021-10-13 12:27:59 +02:00
named-chroot.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-pkcs11.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-setup-rndc.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.conf Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.conf.sample Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.empty RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.localhost RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.loopback RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.rfc1912.zones RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.root RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.root.key Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.rwtab RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
README.md Merged update from upstream sources 2021-01-22 20:42:08 +00:00
setup-named-chroot.sh RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
setup-named-softhsm.sh RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
softhsm2.conf.in RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
sources Update 9.16.23 2021-11-23 11:26:51 +01:00
trusted-key.key RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00

README.md

BIND 9

BIND (Berkeley Internet Name Domain) is a complete, highly portable implementation of the DNS (Domain Name System) protocol.

Internet Systems Consortium (https://www.isc.org), a 501(c)(3) public benefit corporation dedicated to providing software and services in support of the Internet infrastructure, developed BIND 9 and is responsible for its ongoing maintenance and improvement.

More details about upstream project can be found on their gitlab. This repository contains only upstream sources and packaging instructions for Fedora Project.

Subpackages

The package contains several subpackages, some of them can be disabled on rebuild.

  • bind -- named daemon providing DNS server
  • bind-utils -- set of tools to analyse DNS responses or update entries (dig, host)
  • bind-doc -- documentation for current bind, BIND 9 Administrator Reference Manual.
  • bind-license -- Shared license for all packages but bind-export-libs.
  • bind-pkcs11 -- named daemon built with native PKCS#11 support. Can be disabled by --without PKCS11.
  • bind-libs and bind-libs-lite -- Shared libraries used by some others programs
  • bind-devel -- Development headers for libs.
  • bind-dlz-* -- Dynamic loadable DLZ plugins with support for external databases

Optional features

  • GSSTSIG -- Support for Kerberos authentication in BIND.
  • LMDB -- Support for dynamic database for managing runtime added zones. Provides faster removal of added zone with much less overhead. But requires lmdb linked to base libs.
  • DLZ -- Support for dynamic loaded modules providing support for features bind-sdb provides, but only small module is required.