Gitiles
Code Review Sign In
gerrit.nordix.org / thekelleys / dnsmasq / 38440b204db65f9be16c4c3daa7e991e4356f6ed^! / . / CHANGELOG
commit38440b204db65f9be16c4c3daa7e991e4356f6ed[log] [tgz]
authorSimon Kelley <simon@thekelleys.org.uk>Sun Apr 12 21:52:47 2015 +0100
committerSimon Kelley <simon@thekelleys.org.uk>Sun Apr 12 21:52:47 2015 +0100
treec717ce895a19ae9e9415b9e728fc4d488c02e34d
parentad4a8ff7d9097008d7623df8543df435bfddeac8 [diff] [blame]
Fix crash in auth code with odd configuration.

diff --git a/CHANGELOG b/CHANGELOG
index 9af6170..f2142c7 100644
--- a/CHANGELOG
+++ b/CHANGELOG

@@ -68,18 +68,31 @@
 	    Fix broken DNSSEC validation of ECDSA signatures.
 
 	    Add --dnssec-timestamp option, which provides an automatic
-	    way to detect when the system time becomes valid after boot
-	    on systems without an RTC, whilst allowing DNS queries before the
-	    clock is valid so that NTP can run. Thanks to
-	    Kevin Darbyshire-Bryant for developing this idea.
+	    way to detect when the system time becomes valid after 
+	    boot on systems without an RTC, whilst allowing DNS 
+	    queries before the clock is valid so that NTP can run. 
+	    Thanks to Kevin Darbyshire-Bryant for developing this idea.
 
 	    Add --tftp-no-fail option. Thanks to Stefan Tomanek for
 	    the patch.
 
-	    Fix crash caused by looking up servers.bind, CHAOS text record,
-	    when more than about five --servers= lines are in the dnsmasq
-	    config. This causes memory corruption which causes a crash later.
-	    Thanks to Matt Coddington for sterling work chasing this down.
+	    Fix crash caused by looking up servers.bind, CHAOS text 
+	    record, when more than about five --servers= lines are 
+	    in the dnsmasq config. This causes memory corruption 
+	    which causes a crash later. Thanks to Matt Coddington for 
+	    sterling work chasing this down.
+
+	    Fix crash on receipt of certain malformed DNS requests.
+	    Thanks to Nick Sampanis for spotting the problem.
+
+            Fix crash in authoritative DNS code, if a .arpa zone 
+	    is declared as authoritative, and then a PTR query which
+	    is not to be treated as authoritative arrived. Normally, 
+	    directly declaring .arpa zone as authoritative is not 
+	    done, so this crash wouldn't be seen. Instead the 
+	    relevant .arpa zone should be specified as a subnet
+	    in the auth-zone declaration. Thanks to Johnny S. Lee
+	    for the bugreport and initial patch.
 
 	
 version 2.72
@@ -125,10 +138,7 @@
             Fix problem with --local-service option on big-endian platforms
 	    Thanks to Richard Genoud for the patch.
 
-	    Fix crash on receipt of certain malformed DNS requests. Thanks
-	    to Nick Sampanis for spotting the problem.
 	
-
 version 2.71
             Subtle change to error handling to help DNSSEC validation 
 	    when servers fail to provide NODATA answers for