CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2019/02/21 16:35:34
Modified files: net/isc-bind : Makefile distinfo Log message: security update to isc-bind 9.11.5-P4 CVE-2018-5744: A specially crafted packet can cause named to leak memory ... A failure to free memory can occur when processing messages having a specific combination of EDNS options. By exploiting this condition, an attacker can potentially cause named's memory use to grow without bounds until all memory available to the process is exhausted. Typically a server process is limited as to the amount of memory it can use but if the named process is not limited by the operating system all free memory on the server could be exhausted. ... CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (there is also CVE-2019-6465 but we don't build dlz)