diff options
| author | tron <tron> | 2015-09-03 20:03:06 +0000 |
|---|---|---|
| committer | tron <tron> | 2015-09-03 20:03:06 +0000 |
| commit | b00358682bcd1962dfc7b2f34c50822f9e596fdf (patch) | |
| tree | 6944431462f8ff8dde41ed958ebfefa1a9310744 | |
| parent | c90e4ac7cb43f34d1aedd68f93cb5fa8271363eb (diff) | |
| download | pkgsrc-b00358682bcd1962dfc7b2f34c50822f9e596fdf.tar.gz | |
Pullup ticket #4810 - requested by sevan & taca
net/bind99: security update
Revisions pulled up:
- net/bind99/Makefile 1.47-1.48
- net/bind99/distinfo 1.31-1.32
- net/bind99/patches/patch-lib_dns_hmac_link.c deleted
- net/bind99/patches/patch-lib_dns_include_dst_dst.h deleted
- net/bind99/patches/patch-lib_dns_ncache.c deleted
- net/bind99/patches/patch-lib_dns_openssldh_link.c deleted
- net/bind99/patches/patch-lib_dns_openssldsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslecdsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslsslrsa_link.c deleted
- net/bind99/patches/patch-lib_dns_rdata_generic_openpgpkey_61.c deleted
- net/bind99/patches/patch-lib_dns_resolver.c deleted
---
Module Name: pkgsrc
Committed By: sevan
Date: Wed Sep 2 19:44:28 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Added Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Patch CVE-2015-5722 & CVE-2015-5986
Bump rev
CVE-2015-5722 - Parsing malformed keys may cause BIND to exit due to a failed
assertion in buffer.c
https://kb.isc.org/article/AA-01287/0
CVE-2015-5986 - An incorrect boundary check can trigger a REQUIRE assertion
failure in openpgpkey_61.c
https://kb.isc.org/article/AA-01291/0
Reviewed by wiz@
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 3 00:35:03 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Removed Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Update bind99 to 9.9.7pl3 (BIND 9.9.7-P3).
(These security fixes are already done by bind-9.9.7pl2nb1.)
--- 9.9.7-P3 released ---
4170. [security] An incorrect boundary check in the OPENPGPKEY
rdatatype could trigger an assertion failure.
(CVE-2015-5986) [RT #40286]
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212]
| -rw-r--r-- | net/bind99/Makefile | 4 | ||||
| -rw-r--r-- | net/bind99/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/net/bind99/Makefile b/net/bind99/Makefile index 552bd788a04..88f76980201 100644 --- a/net/bind99/Makefile +++ b/net/bind99/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.44.2.2 2015/08/01 08:50:30 tron Exp $ +# $NetBSD: Makefile,v 1.44.2.3 2015/09/03 20:03:06 tron Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME:S/-P/pl/} @@ -14,7 +14,7 @@ CONFLICTS+= host-[0-9]* MAKE_JOBS_SAFE= no -BIND_VERSION= 9.9.7-P2 +BIND_VERSION= 9.9.7-P3 .include "../../mk/bsd.prefs.mk" diff --git a/net/bind99/distinfo b/net/bind99/distinfo index 2ea5e1c7106..5b82f7577dd 100644 --- a/net/bind99/distinfo +++ b/net/bind99/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.28.4.2 2015/08/01 08:50:30 tron Exp $ +$NetBSD: distinfo,v 1.28.4.3 2015/09/03 20:03:06 tron Exp $ -SHA1 (bind-9.9.7-P2.tar.gz) = 2c3620765911c154340f4d19ec5c8978edb84942 -RMD160 (bind-9.9.7-P2.tar.gz) = a6d2c6738281895a6ed87e5a168c7e35e7fc5fac -Size (bind-9.9.7-P2.tar.gz) = 7935877 bytes +SHA1 (bind-9.9.7-P3.tar.gz) = 44786ddeb1b35eb61d521c9e46375dae7d85f378 +RMD160 (bind-9.9.7-P3.tar.gz) = a6506df81a2a8e7ab81b1eece846d906deac64eb +Size (bind-9.9.7-P3.tar.gz) = 7939885 bytes SHA1 (patch-bin_dig_dighost.c) = a18a3d98c85ce8962024d53e01159fd95f99cae4 SHA1 (patch-bin_tests_system_Makefile.in) = 483fca89658263f5c1f974ce1151721835355aa8 SHA1 (patch-config.threads.in) = 227b83efe9cb3e301aaac9b97cf42f1fb8ad06b2 |