authortonnerre <tonnerre@pkgsrc.org>2008-05-11 00:00:57 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-05-11 00:00:57 +0000
commit7b9f66b40a495e3870674342e2ba57504e9c2711 (patch)
tree0f91a68c02ac4dc0079a450a4a32ba494f876b38 /net/bind8
parent2c34c3429b4244d19cd573ab0e8b0dd62490af77 (diff)
downloadpkgsrc-7b9f66b40a495e3870674342e2ba57504e9c2711.tar.gz
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced boundary
check can be abused for implementation-specific exploitation: depending on how libbind is used, this can result in denial of service or even remote code execution.
Diffstat (limited to 'net/bind8')
-rw-r--r--net/bind8/Makefile3
-rw-r--r--net/bind8/distinfo3
-rw-r--r--net/bind8/patches/patch-ao16
3 files changed, 20 insertions, 2 deletions
diff --git a/net/bind8/Makefile b/net/bind8/Makefile
index 5ba5a8f73d6..def3e6d3ec9 100644
--- a/net/bind8/Makefile
+++ b/net/bind8/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.39 2007/11/17 12:04:13 rillig Exp $
+# $NetBSD: Makefile,v 1.40 2008/05/11 00:00:57 tonnerre Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME}pl1
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind8/src/${BIND_VERSION}/
DISTFILES= bind-src.tar.gz bind-doc.tar.gz
diff --git a/net/bind8/distinfo b/net/bind8/distinfo
index aecaa014a47..ff422eb61f9 100644
--- a/net/bind8/distinfo
+++ b/net/bind8/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2007/09/10 19:05:01 adrianp Exp $
+$NetBSD: distinfo,v 1.22 2008/05/11 00:00:57 tonnerre Exp $
SHA1 (bind/8.4.7/8.4.7-p1.patch) = 21ace372a55ff10166c3aaefb9ca25889b8e9c99
RMD160 (bind/8.4.7/8.4.7-p1.patch) = 09787da6ebf107f680963ead6b9998f734244951
@@ -22,3 +22,4 @@ SHA1 (patch-ak) = db59ad1cda56adfffb75336781c4bd1ad1c79733
SHA1 (patch-al) = f03b3b5480d9294673cdb86cf0f45f48ce9ea895
SHA1 (patch-am) = 7acd974e10388dba0dcb44c28f2f03e18b7a1c28
SHA1 (patch-an) = 41b63a50756d9f73152fc8a48dbf93657064e90f
+SHA1 (patch-ao) = 85ee16824e849ad227e04dbf71808446769438af
diff --git a/net/bind8/patches/patch-ao b/net/bind8/patches/patch-ao
new file mode 100644
index 00000000000..215ee201064
--- /dev/null
+++ b/net/bind8/patches/patch-ao
@@ -0,0 +1,16 @@
+$NetBSD: patch-ao,v 1.1 2008/05/11 00:00:57 tonnerre Exp $
+
+--- src/lib/inet/inet_network.c.orig 2004-03-17 01:20:24.000000000 +0100
++++ src/lib/inet/inet_network.c
+@@ -84,9 +84,9 @@ again:
+ }
+ if (!digit)
+ return (INADDR_NONE);
++ if (pp >= parts + 4 || val > 0xffU)
++ return (INADDR_NONE);
+ if (*cp == '.') {
+- if (pp >= parts + 4 || val > 0xffU)
+- return (INADDR_NONE);
+ *pp++ = val, cp++;
+ goto again;
+ }
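Review bot: The hoisted `if (pp >= parts + 4 || val > 0xffU)` test in the inet_network.c hunk has no comment saying why it must sit ahead of the `*cp == '.'` branch, and that placement is the whole fix, so a later cleanup could move it back inside the branch. I would add a comment directly above it, such as `/* Bound pp and val before any store: the final component is written outside the '.' branch. */`. The function starts and ends outside the hunk, so the store of the last component is inferred from the commit message rather than seen here and should be confirmed against the full file. The `val > 0xffU` half now also applies to the last component, which presumably turns some previously accepted inputs into `INADDR_NONE`; that is probably intended but deserves a line in the patch header. The literal `4` would also be safer derived from the declaration of `parts`, which is not visible in this hunk.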