diff options
| author | tonnerre <tonnerre@pkgsrc.org> | 2008-05-11 00:00:57 +0000 |
|---|---|---|
| committer | tonnerre <tonnerre@pkgsrc.org> | 2008-05-11 00:00:57 +0000 |
| commit | 7b9f66b40a495e3870674342e2ba57504e9c2711 (patch) | |
| tree | 0f91a68c02ac4dc0079a450a4a32ba494f876b38 /net/bind9 | |
| parent | 2c34c3429b4244d19cd573ab0e8b0dd62490af77 (diff) | |
| download | pkgsrc-7b9f66b40a495e3870674342e2ba57504e9c2711.tar.gz | |
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced boundary
check can be abused for implementation specific exploitation: depending on
the use of libbind, this can result in denial of service or even remote
code execution.
Diffstat (limited to 'net/bind9')
| -rw-r--r-- | net/bind9/Makefile | 4 | ||||
| -rw-r--r-- | net/bind9/distinfo | 3 | ||||
| -rw-r--r-- | net/bind9/patches/patch-ap | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/net/bind9/Makefile b/net/bind9/Makefile index 87bd9b2a6b6..78c574572c3 100644 --- a/net/bind9/Makefile +++ b/net/bind9/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.96 2008/04/12 22:43:08 jlam Exp $ +# $NetBSD: Makefile,v 1.97 2008/05/11 00:00:59 tonnerre Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME:S/-P1/pl1/} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= net MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ diff --git a/net/bind9/distinfo b/net/bind9/distinfo index 8fa2be25df6..93fd2dec68a 100644 --- a/net/bind9/distinfo +++ b/net/bind9/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.34 2007/08/08 18:32:46 reed Exp $ +$NetBSD: distinfo,v 1.35 2008/05/11 00:00:59 tonnerre Exp $ SHA1 (bind-9.4.1-P1.tar.gz) = c65bfd3d6ff1dd78b678fe350e323bfb6d47fe1b RMD160 (bind-9.4.1-P1.tar.gz) = ced75a96098d78a7fdd8cc1d1e3daf2ad142ee9f @@ -14,3 +14,4 @@ SHA1 (patch-al) = eb6a52d3f865639447ec6f9019c0ea1d2122b772 SHA1 (patch-am) = bb267f13dbd30d492f4dfcf9c278b941efa97bed SHA1 (patch-an) = 6ec6ede602292ef2eaf5f0891e97576218bd8c3e SHA1 (patch-ao) = 9a1ed7b37befdd8e29d233fe55cd62362df3c50e +SHA1 (patch-ap) = 800486318acbaae22d04ac6e2b7ccddd150fde90 diff --git a/net/bind9/patches/patch-ap b/net/bind9/patches/patch-ap new file mode 100644 index 00000000000..8e4642918d5 --- /dev/null +++ b/net/bind9/patches/patch-ap @@ -0,0 +1,16 @@ +$NetBSD: patch-ap,v 1.3 2008/05/11 00:00:59 tonnerre Exp $ + +--- lib/bind/inet/inet_network.c.orig 2005-04-27 07:00:54.000000000 +0200 ++++ lib/bind/inet/inet_network.c +@@ -84,9 +84,9 @@ again: + } + if (!digit) + return (INADDR_NONE); ++ if (pp >= parts + 4 || val > 0xffU) ++ return (INADDR_NONE); + if (*cp == '.') { +- if (pp >= parts + 4 || val > 0xffU) +- return (INADDR_NONE); + *pp++ = val, cp++; + goto again; + } |