Izibuyekezo zokulungisa amagatsha azinzile weseva ye-BIND DNS 9.16.28 kanye ne-9.18.3 zishicilelwe, kanye nokukhishwa okusha kwegatsha lokuhlola 9.19.1. Ezinguqulweni ezingu-9.18.3 kanye no-9.19.1, ukuba sengozini (CVE-2022-1183) ekusetshenzisweni kwendlela ye-DNS-over-HTTPS, esekelwe kusukela kugatsha 9.18, ilungisiwe. Ukuba sengozini kubangela inqubo eshiwo ukuthi iphahlazeke uma uxhumo lwe-TLS kusibambi esisekelwe ku-HTTP lunqanyulwa ngaphambi kwesikhathi. Inkinga ithinta kuphela amaseva anikezela nge-DNS ngaphezulu kwezicelo ze-HTTPS (DoH). Amaseva amukela imibuzo ye-DNS phezu kwe-TLS (DoT) futhi angasebenzisi i-DoH awathintwa yile nkinga.
Ukukhishwa 9.18.3 nakho kwengeza ukuthuthukiswa kokusebenza okumbalwa. Ukwesekwa okwengeziwe kwenguqulo yesibili yezindawo zekhathalogi (βIzindawo Zekhathalogiβ), echazwe ohlakeni lwesihlanu lokucaciswa kwe-IETF. I-Zone Directory inikeza indlela entsha yokugcina amaseva esibili e-DNS lapho, esikhundleni sokuchaza amarekhodi ahlukene wendawo ngayinye yesibili kuseva yesibili, isethi ethile yezindawo zesibili idluliselwa phakathi kwamaseva ayinhloko nawesibili. Labo. Ngokusetha ukudluliswa kwemibhalo okufana nokudluliswa kwezindawo ngazinye, izindawo ezidalwe kuseva eyinhloko futhi zimakwe njengezifakiwe kuhlu lwemibhalo zizodalwa ngokuzenzakalelayo kuseva yesibili ngaphandle kwesidingo sokuhlela amafayela wokumisa.
Inguqulo entsha iphinda yengeze ukusekelwa kwamakhodi ephutha "Empendulo Emile" kanye "Nempendulo Emile ye-NXDOMAIN", akhishwe lapho impendulo endala ibuyiswa kunqolobane. okuqanjwe futhi kumbiwe kunokuqinisekisa okwakhelwe ngaphakathi kwezitifiketi zangaphandle ze-TLS, ezingasetshenziswa ukuze kusetshenziswe ukuqinisekiswa okuqinile noma okusebenzisanayo okusekelwe ku-TLS (RFC 9103).
Source: opennet.ru