Commit Graph

2 Commits

Author SHA1 Message Date
Petr Menšík dc3f4d28ab Fix small differences to upstream patches
Some small differences went unnoticed and cause system test upforwd
failure. Fix both code change and test to pass.

Resolves: CVE-2022-3094
2023-02-25 03:10:37 +01:00
Petr Menšík a85d02f014 Prevent flooding with UPDATE requests
6064.	[security]	An UPDATE message flood could cause named to exhaust all
			available memory. This flaw was addressed by adding a
			new "update-quota" statement that controls the number of
			simultaneous UPDATE messages that can be processed or
			forwarded. The default is 100. A stats counter has been
			added to record events when the update quota is
			exceeded, and the XML and JSON statistics version
			numbers have been updated. (CVE-2022-3094) [GL #3523]

Resolves: CVE-2022-3094
2023-02-08 18:47:31 +01:00