diff options
author | tonnerre <tonnerre@pkgsrc.org> | 2008-05-11 00:00:57 +0000 |
---|---|---|
committer | tonnerre <tonnerre@pkgsrc.org> | 2008-05-11 00:00:57 +0000 |
commit | 7b9f66b40a495e3870674342e2ba57504e9c2711 (patch) | |
tree | 0f91a68c02ac4dc0079a450a4a32ba494f876b38 /net | |
parent | 2c34c3429b4244d19cd573ab0e8b0dd62490af77 (diff) | |
download | pkgsrc-7b9f66b40a495e3870674342e2ba57504e9c2711.tar.gz |
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced boundary
check can be abused for implementation specific exploitation: depending on
the use of libbind, this can result in denial of service or even remote
code execution.
Diffstat (limited to 'net')
-rw-r--r-- | net/bind8/Makefile | 3 | ||||
-rw-r--r-- | net/bind8/distinfo | 3 | ||||
-rw-r--r-- | net/bind8/patches/patch-ao | 16 | ||||
-rw-r--r-- | net/bind9/Makefile | 4 | ||||
-rw-r--r-- | net/bind9/distinfo | 3 | ||||
-rw-r--r-- | net/bind9/patches/patch-ap | 16 |
6 files changed, 40 insertions, 5 deletions
diff --git a/net/bind8/Makefile b/net/bind8/Makefile index 5ba5a8f73d6..def3e6d3ec9 100644 --- a/net/bind8/Makefile +++ b/net/bind8/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.39 2007/11/17 12:04:13 rillig Exp $ +# $NetBSD: Makefile,v 1.40 2008/05/11 00:00:57 tonnerre Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME}pl1 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= ftp://ftp.isc.org/isc/bind8/src/${BIND_VERSION}/ DISTFILES= bind-src.tar.gz bind-doc.tar.gz diff --git a/net/bind8/distinfo b/net/bind8/distinfo index aecaa014a47..ff422eb61f9 100644 --- a/net/bind8/distinfo +++ b/net/bind8/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.21 2007/09/10 19:05:01 adrianp Exp $ +$NetBSD: distinfo,v 1.22 2008/05/11 00:00:57 tonnerre Exp $ SHA1 (bind/8.4.7/8.4.7-p1.patch) = 21ace372a55ff10166c3aaefb9ca25889b8e9c99 RMD160 (bind/8.4.7/8.4.7-p1.patch) = 09787da6ebf107f680963ead6b9998f734244951 @@ -22,3 +22,4 @@ SHA1 (patch-ak) = db59ad1cda56adfffb75336781c4bd1ad1c79733 SHA1 (patch-al) = f03b3b5480d9294673cdb86cf0f45f48ce9ea895 SHA1 (patch-am) = 7acd974e10388dba0dcb44c28f2f03e18b7a1c28 SHA1 (patch-an) = 41b63a50756d9f73152fc8a48dbf93657064e90f +SHA1 (patch-ao) = 85ee16824e849ad227e04dbf71808446769438af diff --git a/net/bind8/patches/patch-ao b/net/bind8/patches/patch-ao new file mode 100644 index 00000000000..215ee201064 --- /dev/null +++ b/net/bind8/patches/patch-ao @@ -0,0 +1,16 @@ +$NetBSD: patch-ao,v 1.1 2008/05/11 00:00:57 tonnerre Exp $ + +--- src/lib/inet/inet_network.c.orig 2004-03-17 01:20:24.000000000 +0100 ++++ src/lib/inet/inet_network.c +@@ -84,9 +84,9 @@ again: + } + if (!digit) + return (INADDR_NONE); ++ if (pp >= parts + 4 || val > 0xffU) ++ return (INADDR_NONE); + if (*cp == '.') { +- if (pp >= parts + 4 || val > 0xffU) +- return (INADDR_NONE); + *pp++ = val, cp++; + goto again; + } diff --git a/net/bind9/Makefile b/net/bind9/Makefile index 87bd9b2a6b6..78c574572c3 100644 --- a/net/bind9/Makefile +++ b/net/bind9/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.96 2008/04/12 22:43:08 jlam Exp $ +# $NetBSD: Makefile,v 1.97 2008/05/11 00:00:59 tonnerre Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME:S/-P1/pl1/} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= net MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ diff --git a/net/bind9/distinfo b/net/bind9/distinfo index 8fa2be25df6..93fd2dec68a 100644 --- a/net/bind9/distinfo +++ b/net/bind9/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.34 2007/08/08 18:32:46 reed Exp $ +$NetBSD: distinfo,v 1.35 2008/05/11 00:00:59 tonnerre Exp $ SHA1 (bind-9.4.1-P1.tar.gz) = c65bfd3d6ff1dd78b678fe350e323bfb6d47fe1b RMD160 (bind-9.4.1-P1.tar.gz) = ced75a96098d78a7fdd8cc1d1e3daf2ad142ee9f @@ -14,3 +14,4 @@ SHA1 (patch-al) = eb6a52d3f865639447ec6f9019c0ea1d2122b772 SHA1 (patch-am) = bb267f13dbd30d492f4dfcf9c278b941efa97bed SHA1 (patch-an) = 6ec6ede602292ef2eaf5f0891e97576218bd8c3e SHA1 (patch-ao) = 9a1ed7b37befdd8e29d233fe55cd62362df3c50e +SHA1 (patch-ap) = 800486318acbaae22d04ac6e2b7ccddd150fde90 diff --git a/net/bind9/patches/patch-ap b/net/bind9/patches/patch-ap new file mode 100644 index 00000000000..8e4642918d5 --- /dev/null +++ b/net/bind9/patches/patch-ap @@ -0,0 +1,16 @@ +$NetBSD: patch-ap,v 1.3 2008/05/11 00:00:59 tonnerre Exp $ + +--- lib/bind/inet/inet_network.c.orig 2005-04-27 07:00:54.000000000 +0200 ++++ lib/bind/inet/inet_network.c +@@ -84,9 +84,9 @@ again: + } + if (!digit) + return (INADDR_NONE); ++ if (pp >= parts + 4 || val > 0xffU) ++ return (INADDR_NONE); + if (*cp == '.') { +- if (pp >= parts + 4 || val > 0xffU) +- return (INADDR_NONE); + *pp++ = val, cp++; + goto again; + } |