BIND DNS server updates 9.11.22, 9.16.6 and 9.17.4 fix 5 vulnerabilities

Corrective updates have been published for the stable branches of the BIND DNS server, 9.11.22 and 9.16.6, as well as for the experimental branch 9.17.4, which is under development. The new releases fix 5 vulnerabilities. The most dangerous vulnerability (CVE-2020-8620) allows a remote denial of service by sending a specific set of packets to the TCP port on which BIND accepts connections. Sending abnormally large AXFR requests to the TCP port can cause the libuv library that services the TCP connection to pass the server a size that triggers an assertion check and terminates the process.

Other vulnerabilities:

  • CVE-2020-8621 - An attacker can trigger an assertion check and crash the resolver when it tries to minimize the QNAME after forwarding a request. The problem appears only on servers that have QNAME minimization enabled and run in 'forward first' mode.
  • CVE-2020-8622 - An attacker can trigger an assertion check and an abnormal termination of the process if the attacker's DNS server returns incorrect responses with a TSIG signature in reply to a request from the victim's DNS server.
  • CVE-2020-8623 - An attacker can trigger an assertion check and an abnormal termination of the handler by sending specially crafted requests for a zone signed with an RSA key. The problem appears only when the server is built with the "--enable-native-pkcs11" option.
  • CVE-2020-8624 - An attacker who has the authority to change the contents of certain parts of DNS zones can gain additional privileges to change other contents of the DNS zone.

Source: opennet.ru
