src - FreeBSD source tree

diff options

author	Gordon Tetlow <gordon@FreeBSD.org>	2025-11-21 21:24:58 +0000
committer	Gordon Tetlow <gordon@FreeBSD.org>	2025-11-26 15:57:33 +0000
commit	2a3a6a1771148a709c2d9694c1d66c41ce8dee79 (patch)
tree	6b8e9fe71dbe15316e132a1050dce525beb09a12 /contrib/bind9/lib/bind/nameser/(public-mirror)
parent	821774dfbdaa12ef072ff7eaea8f9966a7e63935 (diff)

Mitigate YXDOMAIN and nodata non-referral answer poisoning.HEAD main

Add a fix to apply scrubbing of unsolicited NS RRSets (and their respective address records) for YXDOMAIN and nodata non-referral answers. This prevents a malicious actor from exploiting a possible cache poison attack. Obtained from: NLnet Labs Security: CVE-2025-11411

Diffstat (limited to 'contrib/bind9/lib/bind/nameser/(public-mirror)')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: