svn commit: r253837 - in vendor/bind9/dist: . lib/dns/rdata/generic
Erwin Lansing
erwin at FreeBSD.org
Wed Jul 31 11:42:43 UTC 2013
Author: erwin
Date: Wed Jul 31 11:42:42 2013
New Revision: 253837
URL: http://svnweb.freebsd.org/changeset/base/253837
Log:
Vendor import of BIND 9.8.5-P2
Approved by: delphij (mentor, implicit)
Sponsored by: DK Hostmaster A/S
Modified:
vendor/bind9/dist/CHANGES
vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c
vendor/bind9/dist/version
Modified: vendor/bind9/dist/CHANGES
==============================================================================
--- vendor/bind9/dist/CHANGES Wed Jul 31 11:36:20 2013 (r253836)
+++ vendor/bind9/dist/CHANGES Wed Jul 31 11:42:42 2013 (r253837)
@@ -1,3 +1,9 @@
+ --- 9.8.5-P2 released ---
+
+3621. [security] Incorrect bounds checking on private type 'keydata'
+ can lead to a remotely triggerable REQUIRE failure
+ (CVE-2013-4854). [RT #34238]
+
--- 9.8.5-P1 released ---
3584. [security] Caching data from an incompletely signed zone could
Modified: vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c
==============================================================================
--- vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c Wed Jul 31 11:36:20 2013 (r253836)
+++ vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c Wed Jul 31 11:42:42 2013 (r253837)
@@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
- if (sr.length < 4)
+ if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);
Modified: vendor/bind9/dist/version
==============================================================================
--- vendor/bind9/dist/version Wed Jul 31 11:36:20 2013 (r253836)
+++ vendor/bind9/dist/version Wed Jul 31 11:42:42 2013 (r253837)
@@ -9,4 +9,4 @@ MAJORVER=9
MINORVER=8
PATCHVER=5
RELEASETYPE=-P
-RELEASEVER=1
+RELEASEVER=2
More information about the svn-src-all
mailing list