[nsd-users] NSD 4.1.11rc1 maintainers prerelease

W.C.A. Wijngaards wouter at nlnetlabs.nl
Mon Aug 1 07:40:22 UTC 2016


NSD 4.1.11rc1 maintainers prerelease is available:
sha1 ced7b2a5e8d6229496dd8ff6ab1be7d89b820f01
sha256 4414c46fef8221c2d5c910b15b6d8d827243e6f29ca080bd5ff2dc7abe1794d1
pgp http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.11rc1.tar.gz.asc

This is the maintainers prerelease, for package tests.

This release contains a patch for the unlimited AXFR vulnerability; with
a config option to limit AXFR sizes.

Bug fixes when without IPv6 and for serving DS records with no NS record
in parent-child co-hosted setups.

- When tcp is more than half full, use short timeout for tcp session.
- Patch for {max,min}-{refresh,retry}-time from YAMAGUCHI Takanori.
- Fix #790: size-limit-xfr can stop NSD from downloading infinite zone
  transfer data size, from Toshifumi Sakaguchi.  Fixes CVE-2016-6173
  JVN#63359718 JPCERT#91251865.

- Fix build without IPv6, patch from Zdenek Kaspar.
- Fix #783: Trying to run a root server without having configured it
  silently gives wrong answers.
- Fix #782: Serve DS record but parent zone has no NS record.

Best regards, Wouter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20160801/25487546/attachment.bin>

More information about the nsd-users mailing list