svn commit: r222416 - in releng: 7.3 7.3/contrib/bind9/lib/dns
7.3/sys/conf 7.4 7.4/contrib/bind9/lib/dns 7.4/sys/conf 8.1
8.1/contrib/bind9/lib/dns 8.1/sys/conf 8.2
8.2/contrib/bind9/lib/dns 8.2/s...
Simon L. Nielsen
simon at FreeBSD.org
Sat May 28 08:44:40 UTC 2011
Author: simon
Date: Sat May 28 08:44:39 2011
New Revision: 222416
URL: http://svn.freebsd.org/changeset/base/222416
Log:
Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.
Security: FreeBSD-SA-11:02.bind
Security: CVE-2011-1910
Security: https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from: ISC
Approved by: so (simon)
Modified:
releng/7.3/UPDATING
releng/7.3/contrib/bind9/lib/dns/ncache.c
releng/7.3/sys/conf/newvers.sh
releng/7.4/UPDATING
releng/7.4/contrib/bind9/lib/dns/ncache.c
releng/7.4/sys/conf/newvers.sh
releng/8.1/UPDATING
releng/8.1/contrib/bind9/lib/dns/ncache.c
releng/8.1/sys/conf/newvers.sh
releng/8.2/UPDATING
releng/8.2/contrib/bind9/lib/dns/ncache.c
releng/8.2/sys/conf/newvers.sh
Modified: releng/7.3/UPDATING
==============================================================================
--- releng/7.3/UPDATING Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.3/UPDATING Sat May 28 08:44:39 2011 (r222416)
@@ -8,6 +8,10 @@ Items affecting the ports and packages s
/usr/ports/UPDATING. Please read that file before running
portupgrade.
+20110528: p6 FreeBSD-SA-11:02.bind
+ Fix BIND remote DoS with large RRSIG RRsets and negative
+ caching.
+
20110420: p5 FreeBSD-SA-11:01.mountd
Fix CIDR parsing bug in mountd ACLs.
Modified: releng/7.3/contrib/bind9/lib/dns/ncache.c
==============================================================================
--- releng/7.3/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.3/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416)
@@ -160,7 +160,7 @@ dns_ncache_add(dns_message_t *message, d
*/
isc_buffer_availableregion(&buffer,
&r);
- if (r.length < 2)
+ if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
Modified: releng/7.3/sys/conf/newvers.sh
==============================================================================
--- releng/7.3/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.3/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="7.3"
-BRANCH="RELEASE-p5"
+BRANCH="RELEASE-p6"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/7.4/UPDATING
==============================================================================
--- releng/7.4/UPDATING Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.4/UPDATING Sat May 28 08:44:39 2011 (r222416)
@@ -8,6 +8,10 @@ Items affecting the ports and packages s
/usr/ports/UPDATING. Please read that file before running
portupgrade.
+20110528: p2 FreeBSD-SA-11:02.bind
+ Fix BIND remote DoS with large RRSIG RRsets and negative
+ caching.
+
20110420: p1 FreeBSD-SA-11:01.mountd
Fix CIDR parsing bug in mountd ACLs.
Modified: releng/7.4/contrib/bind9/lib/dns/ncache.c
==============================================================================
--- releng/7.4/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.4/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416)
@@ -175,7 +175,7 @@ dns_ncache_add(dns_message_t *message, d
*/
isc_buffer_availableregion(&buffer,
&r);
- if (r.length < 2)
+ if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
Modified: releng/7.4/sys/conf/newvers.sh
==============================================================================
--- releng/7.4/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415)
+++ releng/7.4/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="7.4"
-BRANCH="RELEASE-p1"
+BRANCH="RELEASE-p2"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/8.1/UPDATING
==============================================================================
--- releng/8.1/UPDATING Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.1/UPDATING Sat May 28 08:44:39 2011 (r222416)
@@ -15,6 +15,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20110528: p4 FreeBSD-SA-11:02.bind
+ Fix BIND remote DoS with large RRSIG RRsets and negative
+ caching.
+
20110420: p3 FreeBSD-SA-11:01.mountd
Fix CIDR parsing bug in mountd ACLs.
Modified: releng/8.1/contrib/bind9/lib/dns/ncache.c
==============================================================================
--- releng/8.1/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.1/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416)
@@ -185,7 +185,7 @@ dns_ncache_addoptout(dns_message_t *mess
*/
isc_buffer_availableregion(&buffer,
&r);
- if (r.length < 2)
+ if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
Modified: releng/8.1/sys/conf/newvers.sh
==============================================================================
--- releng/8.1/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.1/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="8.1"
-BRANCH="RELEASE-p3"
+BRANCH="RELEASE-p4"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/8.2/UPDATING
==============================================================================
--- releng/8.2/UPDATING Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.2/UPDATING Sat May 28 08:44:39 2011 (r222416)
@@ -15,6 +15,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20110528: p2 FreeBSD-SA-11:02.bind
+ Fix BIND remote DoS with large RRSIG RRsets and negative
+ caching.
+
20110420: p1 FreeBSD-SA-11:01.mountd
Fix CIDR parsing bug in mountd ACLs.
Modified: releng/8.2/contrib/bind9/lib/dns/ncache.c
==============================================================================
--- releng/8.2/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.2/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416)
@@ -186,7 +186,7 @@ dns_ncache_addoptout(dns_message_t *mess
*/
isc_buffer_availableregion(&buffer,
&r);
- if (r.length < 2)
+ if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
Modified: releng/8.2/sys/conf/newvers.sh
==============================================================================
--- releng/8.2/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415)
+++ releng/8.2/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="8.2"
-BRANCH="RELEASE-p1"
+BRANCH="RELEASE-p2"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
More information about the svn-src-all
mailing list