Replies: 1 comment 2 replies
-
|
Thanks for asking. This issue has been mitigated in v12.0 itself which you can read in the change log. |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
I searched for the CVEs and the term DNSBOMB yet could not find anything. Thanks for the reference. |
Beta Was this translation helpful? Give feedback.
-
|
Yes, I have not updated the change log with details. Will get it done soon. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I recently came across this page mentioning a new attack called DNSBOMB
https://dnsbomb.net/
The page mentions two CVEs regarding the issue but the links are broken.
Though it requires IP spoofing and some owned domains for amplification and impacting only public domain servers, the article mentions that the authors got in contact. I wondered if it is considered to be fixed in the future or a WONTFIX issue.
Beta Was this translation helpful? Give feedback.
All reactions