[ol7_latest] bind-pkcs11-32:9.11.4-26.P2.el7_9.14.aarch64

This is a version of BIND server built with native PKCS#11 functionality.
It is important to have SoftHSM v2+ installed and some token initialized.
For other supported HSM modules please check the BIND documentation.
This version of BIND binary is supported only in setup with the IPA server.

Changelog (Show File list) (Show related packages)

• Mon Jul 03 2023 Stepan Broz <sbroz@redhat.com> - 2:9.11.4-26.P2.14

  - Prevent the cache going over the configured limit (CVE-2023-2828)

• Wed Dec 14 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.13

  - Tighten cache protection against record from forwarders (CVE-2021-25220)

• Wed Dec 14 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.12

  - Include test of forwarders (CVE-2021-25220)

• Thu Sep 29 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.11

  - Prevent excessive resource use while processing large delegations.
    (CVE-2022-2795)

• Thu Sep 22 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.10

  - Fix memory leak in ECDSA verify processing (CVE-2022-38177)
  - Fix memory leak in EdDSA verify processing (CVE-2022-38178)

• Mon Jan 24 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.9

  - Fix possible assertion failure isc_refcount_current == 0 in free_rbtdb
    (#1935152)

• Thu Oct 14 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.8

  - Prevent a race after zone load (#2011220)

• Tue Jul 13 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.7

  - Apply again patch 172, got removed by mistake

• Mon May 17 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.6

  - Insufficient IXFR checks could lead to assertion failure (CVE-2021-25214)

• Tue Apr 27 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.5

  - Possible assertion failure on DNAME processing (CVE-2021-25215)