svn commit: r253696 - stable/8/contrib/bind9/lib/dns/rdata/generic
Xin LI
delphij at FreeBSD.org
Fri Jul 26 22:53:18 UTC 2013
Author: delphij
Date: Fri Jul 26 22:53:17 2013
New Revision: 253696
URL: http://svnweb.freebsd.org/changeset/base/253696
Log:
Fix Denial of Service vulnerability in named(8). [13:07]
Security: CVE-2013-4854
Security: FreeBSD-SA-13:07.bind
Approved by: so
Modified:
stable/8/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
Modified: stable/8/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
==============================================================================
--- stable/8/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:43:09 2013 (r253695)
+++ stable/8/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:53:17 2013 (r253696)
@@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
- if (sr.length < 4)
+ if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);
More information about the svn-src-stable
mailing list