8000 Release v3.6.0 · dnsjava/dnsjava · GitHub
[go: up one dir, main page]
Skip to content

v3.6.0
Compare
Choose a tag to compare
@ibauersachs ibauersachs released this 21 Jul 13:18
· 49 commits to master since this release
v3.6.0
This tag was signed with the committer’s verified signature.
ibauersachs Ingo Bauersachs
GPG key ID: 3449EC3AC2EFE8AA
Verified
Learn about vigilant mode.
fd1d7c9
  • Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw)
    Lookup and LookupSession do not sanitize input properly, allowing to smuggle additional responses, even with DNSSEC. I would like to thank Thomas Bellebaum from Fraunhofer AISEC (@bellebaum) and Martin Schanzenbach (@schanzen) for reporting and assisting me with this issue.
  • Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf)
    Denial-of-Service Algorithmic Complexity Attacks (KeyTrap)
  • Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr)
    NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap)
  • Fix running all DNSSEC on the specified executor
  • Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12
  • Add A/AAAA record constructor with IP address byte array
  • Validate DS record digest lengths (#250)
  • Fix NPE in SimpleResolver on invalid responses (#277)
  • Add support for JEP 418: Internet-Address Resolution SPI (#290)
  • Full JPMS support (#246)
  • Pluggable I/O for SimpleResolver
    (@chrisruffalo, #253)
  • UDP port leak in SimpleResolver (#318)
  • Fix clean shutdown in app containers when never used (#319)
  • Fix concurrency issue in I/O clients (#315, #323)
  • LookupSession doesn't cache CNAMEs (#316)
  • SimpleResolver can fail with UPDATE response (#322)
  • Replace synchronization in Zone with locks
    (#305, based on work from @srijeet0406 in #306)

Contributors

schanzen, chrisruffalo, and 2 other contributors
Assets 2
Loading
0