[ol8_appstream] bind-pkcs11-32:9.11.36-11.el8_9.1.x86_64

This is a version of BIND server built with native PKCS#11 functionality.
It is important to have SoftHSM v2+ installed and some token initialized.
For other supported HSM modules please check the BIND documentation.

Changelog (Show File list) (Show related packages)

• Mon Feb 26 2024 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-11.1

  - Speed up parsing of DNS messages with many different names (CVE-2023-4408)
  - Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387 CVE-2023-50868)
  - Do not use header_prev in expire_lru_headers

• Tue Sep 19 2023 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-11

  - Prevent exahustion of memory from control channel (CVE-2023-3341)

• Thu Jun 22 2023 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-10

  - Prevent the cache going over the configured limit (CVE-2023-2828)

• Wed Feb 08 2023 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-9

  - Prevent flooding with UPDATE requests (CVE-2022-3094)
  - include upstream test for that change

• Thu Oct 13 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-8

  - Correct regression preventing bind-dyndb-ldap build (#2133889)

• Thu Sep 29 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-7

  - Prevent excessive resource use while processing large delegations.
    (CVE-2022-2795)

• Thu Sep 22 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-6

  - Prevent freeing zone during statistics rendering (#2101712)

• Thu Sep 22 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-5

  - Fix memory leak in ECDSA verify processing (CVE-2022-38177)
  - Fix memory leak in EdDSA verify processing (CVE-2022-38178)

• Wed Apr 13 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-4

  - Tighten cache protection against record from forwarders (CVE-2021-25220)
  - Include test of forwarders

• Thu Feb 10 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-2

  - Reduce memory used per-view on machine with few processors (#2030239)