src - FreeBSD source tree

diff options

author	Gordon Tetlow <gordon@FreeBSD.org>	2025-11-21 21:24:58 +0000
committer	Gordon Tetlow <gordon@FreeBSD.org>	2025-11-26 16:02:20 +0000
commit	2aed524b2329fd4af929c7b6ef97fcdb02391177 (patch)
tree	8a7d3fcd0d995da5d58c23999332a28bcf4bcf3d /contrib/netbsd-tests/ipf
parent	111b60a2fddca6051c6e782c4a9a4da258ed4cdf (diff)

Mitigate YXDOMAIN and nodata non-referral answer poisoning.stable/13

Add a fix to apply scrubbing of unsolicited NS RRSets (and their respective address records) for YXDOMAIN and nodata non-referral answers. This prevents a malicious actor from exploiting a possible cache poison attack. Obtained from: NLnet Labs Security: FreeBSD-SA-25:10.unbound Security: CVE-2025-11411 (cherry picked from commit 2a3a6a1771148a709c2d9694c1d66c41ce8dee79)

Diffstat (limited to 'contrib/netbsd-tests/ipf')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: