[nsd-users] NSD 4.3.4 released
Wouter Wijngaards
wouter at nlnetlabs.nl
Tue Dec 1 12:40:41 UTC 2020
Hi,
NSD 4.3.4 is available:
https://nlnetlabs.nl/downloads/nsd/nsd-4.3.4.tar.gz
sha256 3be834a97151a7ba8185e46bc37ff12c2f25f399755ae8a2d0e3711801528b50
pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.3.4.tar.gz.asc
This release fixes CVE-2020-28935, this solves a problem where the
pidfile is altered by a symlink, and fails if a symlink is encountered.
See https://nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt for more
information.
Also there are bug fixes and the syntax of the RR type ZONEMD can be
used in zonefiles.
4.3.4
================
FEATURES:
- Merge PR #141: ZONEMD RR type.
BUG FIXES:
- Fix #129: ambiguous use of errno, in log message if sendmmsg fails.
- Fix #128: Fix that the invalid port number is logged for sendmmsg
failed: Invalid argument.
- Fix #127: two minor `-Wcast-qual` cleanups
- Fix #126: minor header hygiene
- Fix #125: include config.h in compat/setproctitle.c and fix
prototype of `setproctitle`
- Fix #133: fix 0-init of local ( stack ) buffer.
- Fix missing parenthesis on size of fix to init buffer.
- Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN.
- Fix to add missing closest encloser NSEC3 for wildcard nodata type
DS answer.
- Remove unused init_cfg_parse routine from configlexer.
- Fix #138: NSD returns non-EDNS answer when QUESTION is empty.
- Fix #142: NODATA answers missin SOA in authority section after
CNAME chain.
- Fix for CVE-2020-28935 : Fix that symlink does not interfere
with chown of pidfile.
Best regards, Wouter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20201201/e615878f/attachment.bin>
More information about the nsd-users
mailing list