rpms/bind - bind - AlmaLinux OS Foundation Git Server

rpms/bind

Fork 1

Commit Graph

Author	SHA1	Message	Date
Petr Menšík	4cefc72f11	Add tests for forwarder cache poisoning scenarios - Check that an NS in an authority section returned from a forwarder which is above the name in a configured "forward first" or "forward only" zone (i.e., net/NS in a response from a forwarder configured for local.net) is not cached. - Test that a DNAME for a parent domain will not be cached when sent in a response from a forwarder configured to answer for a child. - Check that glue is rejected if its name falls below that of zone configured locally. - Check that an extra out-of-bailiwick data in the answer section is not cached (this was already working correctly, but was not explicitly tested before). Related: CVE-2021-25220	2022-04-11 18:07:08 +02:00

Author

SHA1

Message

Date

Petr Menšík

4cefc72f11

Add tests for forwarder cache poisoning scenarios

- Check that an NS in an authority section returned from a forwarder
  which is above the name in a configured "forward first" or "forward
  only" zone (i.e., net/NS in a response from a forwarder configured for
  local.net) is not cached.
- Test that a DNAME for a parent domain will not be cached when sent
  in a response from a forwarder configured to answer for a child.
- Check that glue is rejected if its name falls below that of zone
  configured locally.
- Check that an extra out-of-bailiwick data in the answer section is
  not cached (this was already working correctly, but was not explicitly
  tested before).

Related: CVE-2021-25220

2022-04-11 18:07:08 +02:00

1 Commits