Import bind 9.20.24 (previous was 9.20.23)
Security Fixes
==============
Fix DNS64 owner case after DNAME restart. 4de2229364
When BIND 9 is configured to use DNS64 and encounters a DNAME redirect, it
could end up using freed memory for the DNS response owner name. This caused
the response to contain corrupted data. This fix ensures the correct owner
name is used when constructing the synthesized response after a DNAME
redirect.
ISC thanks Qifan Zhang of Palo Alto Networks for reporting the issue. [GL #5934]
New Features
============
Enable PR-Agent reviews on merge requests. 46e4c236a3
Adds a CI job that runs PR-Agent against each merge request opened from the
[143 lines not shown]
tmux/prepare-import.sh - script cleanups
A bunch of minor changes that really affect nothing, but
be sure to never use "test ... -a ...", and avoid using
local "var=$(cmdsub)"
or the status from the cmdsub is ignored, do it in 2 commands
local var
var=$(cmdsub)
[And yes, the quotes are needed in the former version, not in the new.]
Also, after setting a trap to cleanup in case of a signal, remove it
again after the cleanup has been done.
Fix up EHCI handoff from firmware on Sam460ex.
Sam460ex uses an external ULPI PHY. EHCI HCRESET resets only the on-chip
core, never the external PHY, so it inherited the bad state. Workaround
that.
Prevent a DoS attack by stuffing the server with too many fragments that
can lead to resource exhaustion and memory corruption. Reported by Andrew
Griffiths
Make SPPP_KEEPALIVE_INTERVAL configurable for rump_server
This allows changing the keepalive interval when running inside
rump_server, which is useful for testing.
