Kugadziriswa kwekugadzirisa kumatavi akagadzikana eBIND DNS server 9.16.28 uye 9.18.3 akabudiswa, pamwe nekusunungurwa kutsva kwebazi rekuedza 9.19.1. Mushanduro 9.18.3 uye 9.19.1, kusagadzikana (CVE-2022-1183) mukushandiswa kweDNS-over-HTTPS mechanism, inotsigirwa kubva kubazi 9.18, yakagadziriswa. Kusagadzikana uku kunoita kuti maitiro ane zita aparadzike kana iyo TLS yekubatanidza kune HTTP-based handle ikamiswa nguva isati yakwana. Nyaya iyi inongobata maseva anoshandira DNS pamusoro peHTTPS (DoH) zvikumbiro. Masevha anotambira DNS pamusoro peTLS (DoT) mibvunzo uye asingashandisi DoH haabatike nenyaya iyi.
Kuburitswa 9.18.3 kunowedzerawo akati wandei mashandiro ekuvandudza. Yakawedzerwa rutsigiro rwechipiri vhezheni yekatalogi nzvimbo ("Catalog Zones"), inotsanangurwa muchishanu chinyorwa cheiyo IETF yakatarwa. Zone Directory inopa nzira nyowani yekuchengetedza yechipiri DNS maseva umo, pachinzvimbo chekutsanangura marekodhi akaparadzana ega ega yechipiri sevha pane yechipiri sevha, seti chaiyo yenzvimbo dzechipiri inotamiswa pakati pekutanga uye yechipiri maseva. Avo. Nekumisikidza dhairekitori rekufambisa rakafanana nekufambisa kwenzvimbo dzega, nzvimbo dzakagadzirwa pane yekutanga sevha uye yakanyorwa seyakaverengerwa mudhairekitori inozogadzirwa otomatiki pane yechipiri server pasina chikonzero chekugadzirisa mafaera ekugadzirisa.
Iyo vhezheni nyowani inowedzerawo rutsigiro rweakawedzera "Stale Mhinduro" uye "Stale NXDOMAIN Mhinduro" kukanganisa makodhi, anopihwa kana mhinduro yakare yadzoserwa kubva kucache. yakatumidzwa uye kuchera vane yakavakirwa-mukati yekusimbisa yekunze TLS zvitupa, izvo zvinogona kushandiswa kuita yakasimba kana yekubatana huchokwadi hwakavakirwa paTLS (RFC 9103).
Source: opennet.ru