summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authortonnerre <tonnerre@pkgsrc.org>2008-05-11 00:00:57 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-05-11 00:00:57 +0000
commit7b9f66b40a495e3870674342e2ba57504e9c2711 (patch)
tree0f91a68c02ac4dc0079a450a4a32ba494f876b38 /net
parent2c34c3429b4244d19cd573ab0e8b0dd62490af77 (diff)
downloadpkgsrc-7b9f66b40a495e3870674342e2ba57504e9c2711.tar.gz
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced boundary
check can be abused for implementation specific exploitation: depending on the use of libbind, this can result in denial of service or even remote code execution.
Diffstat (limited to 'net')
-rw-r--r--net/bind8/Makefile3
-rw-r--r--net/bind8/distinfo3
-rw-r--r--net/bind8/patches/patch-ao16
-rw-r--r--net/bind9/Makefile4
-rw-r--r--net/bind9/distinfo3
-rw-r--r--net/bind9/patches/patch-ap16
6 files changed, 40 insertions, 5 deletions
diff --git a/net/bind8/Makefile b/net/bind8/Makefile
index 5ba5a8f73d6..def3e6d3ec9 100644
--- a/net/bind8/Makefile
+++ b/net/bind8/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.39 2007/11/17 12:04:13 rillig Exp $
+# $NetBSD: Makefile,v 1.40 2008/05/11 00:00:57 tonnerre Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME}pl1
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind8/src/${BIND_VERSION}/
DISTFILES= bind-src.tar.gz bind-doc.tar.gz
diff --git a/net/bind8/distinfo b/net/bind8/distinfo
index aecaa014a47..ff422eb61f9 100644
--- a/net/bind8/distinfo
+++ b/net/bind8/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2007/09/10 19:05:01 adrianp Exp $
+$NetBSD: distinfo,v 1.22 2008/05/11 00:00:57 tonnerre Exp $
SHA1 (bind/8.4.7/8.4.7-p1.patch) = 21ace372a55ff10166c3aaefb9ca25889b8e9c99
RMD160 (bind/8.4.7/8.4.7-p1.patch) = 09787da6ebf107f680963ead6b9998f734244951
@@ -22,3 +22,4 @@ SHA1 (patch-ak) = db59ad1cda56adfffb75336781c4bd1ad1c79733
SHA1 (patch-al) = f03b3b5480d9294673cdb86cf0f45f48ce9ea895
SHA1 (patch-am) = 7acd974e10388dba0dcb44c28f2f03e18b7a1c28
SHA1 (patch-an) = 41b63a50756d9f73152fc8a48dbf93657064e90f
+SHA1 (patch-ao) = 85ee16824e849ad227e04dbf71808446769438af
diff --git a/net/bind8/patches/patch-ao b/net/bind8/patches/patch-ao
new file mode 100644
index 00000000000..215ee201064
--- /dev/null
+++ b/net/bind8/patches/patch-ao
@@ -0,0 +1,16 @@
+$NetBSD: patch-ao,v 1.1 2008/05/11 00:00:57 tonnerre Exp $
+
+--- src/lib/inet/inet_network.c.orig 2004-03-17 01:20:24.000000000 +0100
++++ src/lib/inet/inet_network.c
+@@ -84,9 +84,9 @@ again:
+ }
+ if (!digit)
+ return (INADDR_NONE);
++ if (pp >= parts + 4 || val > 0xffU)
++ return (INADDR_NONE);
+ if (*cp == '.') {
+- if (pp >= parts + 4 || val > 0xffU)
+- return (INADDR_NONE);
+ *pp++ = val, cp++;
+ goto again;
+ }
diff --git a/net/bind9/Makefile b/net/bind9/Makefile
index 87bd9b2a6b6..78c574572c3 100644
--- a/net/bind9/Makefile
+++ b/net/bind9/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.96 2008/04/12 22:43:08 jlam Exp $
+# $NetBSD: Makefile,v 1.97 2008/05/11 00:00:59 tonnerre Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P1/pl1/}
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
diff --git a/net/bind9/distinfo b/net/bind9/distinfo
index 8fa2be25df6..93fd2dec68a 100644
--- a/net/bind9/distinfo
+++ b/net/bind9/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.34 2007/08/08 18:32:46 reed Exp $
+$NetBSD: distinfo,v 1.35 2008/05/11 00:00:59 tonnerre Exp $
SHA1 (bind-9.4.1-P1.tar.gz) = c65bfd3d6ff1dd78b678fe350e323bfb6d47fe1b
RMD160 (bind-9.4.1-P1.tar.gz) = ced75a96098d78a7fdd8cc1d1e3daf2ad142ee9f
@@ -14,3 +14,4 @@ SHA1 (patch-al) = eb6a52d3f865639447ec6f9019c0ea1d2122b772
SHA1 (patch-am) = bb267f13dbd30d492f4dfcf9c278b941efa97bed
SHA1 (patch-an) = 6ec6ede602292ef2eaf5f0891e97576218bd8c3e
SHA1 (patch-ao) = 9a1ed7b37befdd8e29d233fe55cd62362df3c50e
+SHA1 (patch-ap) = 800486318acbaae22d04ac6e2b7ccddd150fde90
diff --git a/net/bind9/patches/patch-ap b/net/bind9/patches/patch-ap
new file mode 100644
index 00000000000..8e4642918d5
--- /dev/null
+++ b/net/bind9/patches/patch-ap
@@ -0,0 +1,16 @@
+$NetBSD: patch-ap,v 1.3 2008/05/11 00:00:59 tonnerre Exp $
+
+--- lib/bind/inet/inet_network.c.orig 2005-04-27 07:00:54.000000000 +0200
++++ lib/bind/inet/inet_network.c
+@@ -84,9 +84,9 @@ again:
+ }
+ if (!digit)
+ return (INADDR_NONE);
++ if (pp >= parts + 4 || val > 0xffU)
++ return (INADDR_NONE);
+ if (*cp == '.') {
+- if (pp >= parts + 4 || val > 0xffU)
+- return (INADDR_NONE);
+ *pp++ = val, cp++;
+ goto again;
+ }