kho tshiab rau ruaj khov DNS server ceg , as Well as tam sim no nyob rau hauv txoj kev loj hlob sim ceg 9.15.2. Cov ntawv tshaj tawm tshiab hais txog qhov tsis zoo ntawm kev sib tw (CVE-2019-6471) uas tuaj yeem ua rau muaj kev tsis lees paub txog kev pabcuam (txhim kho qhov txheej txheem thaum lees paub) thaum muaj ntau cov pob khoom tuaj raug thaiv.
Tsis tas li ntawd, tus tshiab version 9.14.4 ntxiv kev txhawb nqa rau GeoIP2 API rau kev sib txuas cov chaw khaws ntaub ntawv raws li IP chaw nyob los ntawm lub tuam txhab.
MaxMind (ua haujlwm ntawm kev tsim nrog "--with-geoip2" kev xaiv). GeoIP2 tsis txhawb qee ACLs (xws li network ceev, lub koom haum, thiab lub teb chaws chaws) yav dhau los txhawb nqa rau GeoIP API qub, uas tsis tau tswj hwm los ntawm MaxMind lawm. Cov metrics tshiab dnssec-kos npe thiab dnssec-refresh kuj tau ntxiv nrog cov txee rau tus naj npawb ntawm cov tsim thiab hloov tshiab DNSSEC kos npe.
Tsis tas li ntawd, nws tuaj yeem raug sau tseg DNS server Knot 2.8.3, uas tau ntxiv daim ntawv pov thawj / cov ntaub ntawv tseem ceeb rau TLS rau kdig, nce cov ntaub ntawv cov ntsiab lus ntawm cov ntawv nkag rau offline-KSK kos npe thiab RRL module, thiab nthuav dav DNSSEC configuration checks.
Knot Resolver 4.1.0 hloov tshiab kuj tau tso tawm, uas tshem tawm (CVE-2019-10190, CVE-2019-10191): Muaj peev xwm hla DNSSEC tshawb xyuas rau cov lus nug uas ploj lawm (NXDOMAIN) thiab muaj peev xwm rov thim rov qab DNSSEC-tiv thaiv sau npe mus rau qhov tsis muaj kev tiv thaiv DNSSEC lub xeev ntawm pob ntawv spoofing.
Tau qhov twg los: opennet.ru