Major DNS Bug 23.01 with Quad9 on SSL
-
If you want to discuss the merits/worth of DoT that should also be moved to a new thread. It's not relevant to solving this problem. Let's keep this on topic.
-
@jimp Yessir! I'm done though.
-
H haraldinho referenced this topic on
-
There seems to be some good news:
"Jaap Akkerhuis 2023-06-01 12:41:18 UTC
A fix is developed by upstairs. There will be a new release within weeks with this fix. For the inpatients among us, a prerelease is made available https://github.com/NLnetLabs/unbound/issues/887#issuecomment-1570136710." -
T TAC57 referenced this topic on
-
A potential upstream 'fix' or improvement for ASLR:
https://www.freebsd.org/security/advisories/FreeBSD-EN-23:15.sanitizer.asc
II. Problem Description Some of the Sanitizers cannot work correctly when ASLR is enabled. Therefore, at the initialization of such Sanitizers, ASLR is detected via procctl(2). If ASLR is enabled, it is first disabled, and then the main executable containing the Sanitizer is re-executed, after printing an appropriate message. However, the Sanitizers work by intercepting various function calls, and by mistake the already-intercepted procctl(2) function was used. This causes an internal error, which usually results in a segfault.VI. Correction details This issue is corrected as of the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/14/ 1e4798e9677f stable/14-n265803 releng/14.0/ 78b4c762b20b releng/14.0-n265381 stable/13/ 7c25a53a2cb9 stable/13-n256726 - -------------------------------------------------------------------------
๏ธ -
While we are likely to include the patch from that EN in future builds it isn't relevant to Unbound.
They only use those sanitizers for debug/test builds and not for normal/production builds.
