authortonnerre <tonnerre@pkgsrc.org>2008-03-19 22:55:21 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-03-19 22:55:21 +0000
commitfc39e60feab8de6b55b65c4c6a056d2ab93475d3 (patch)
treea2d12be7290a5629a37a3d4b45c224fb107630ea /net
parent59c4b873a4a15b05ed1e424baa886284523d6302 (diff)
Fix a Denial-of-Service vulnerability in maradns version 1.2.12.06
Crafted CNAME entries can be used to DoS MaraDNS without this patch.
See CVE-2008-0061 for more details.
Approved-by: wiz
Diffstat (limited to 'net')
-rw-r--r--net/maradns/Makefile3
-rw-r--r--net/maradns/distinfo3
-rw-r--r--net/maradns/patches/patch-am34
3 files changed, 38 insertions, 2 deletions
diff --git a/net/maradns/Makefile b/net/maradns/Makefile
index 0c65f2edde8..6d322f90a57 100644
--- a/net/maradns/Makefile
+++ b/net/maradns/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2007/08/12 01:14:30 joerg Exp $
+# $NetBSD: Makefile,v 1.20 2008/03/19 22:55:21 tonnerre Exp $
DISTNAME= maradns-1.2.12.06
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= http://www.maradns.org/download/1.2/${DISTNAME:S/maradns-//}/
EXTRACT_SUFX= .tar.bz2
diff --git a/net/maradns/distinfo b/net/maradns/distinfo
index c8181482ffe..0a8b1cc0e05 100644
--- a/net/maradns/distinfo
+++ b/net/maradns/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2007/08/12 01:14:30 joerg Exp $
+$NetBSD: distinfo,v 1.10 2008/03/19 22:55:21 tonnerre Exp $
SHA1 (maradns-1.2.12.06.tar.bz2) = bb94f2bcb612fe6c8f47ef6721051a57840a386e
RMD160 (maradns-1.2.12.06.tar.bz2) = 8c88fd87bff54c0121348e19a5255869622228a6
@@ -12,3 +12,4 @@ SHA1 (patch-ai) = 7bf925bef4d0b9682af9ccea8779bab686987e2d
SHA1 (patch-aj) = b8c98de240712dad2f396e25bee6b6564a0a6e5e
SHA1 (patch-ak) = f7fe72709a91a74dd6ff841f7155da0bd665162e
SHA1 (patch-al) = 72faa0c34b44fffb49a079e958816692f6c90c5f
+SHA1 (patch-am) = 725e408c7d395d65fe4adc0d3d7e018c2c6a6c17
diff --git a/net/maradns/patches/patch-am b/net/maradns/patches/patch-am
new file mode 100644
index 00000000000..d8a18143c53
--- /dev/null
+++ b/net/maradns/patches/patch-am
@@ -0,0 +1,34 @@
+$NetBSD: patch-am,v 1.1 2008/03/19 22:55:21 tonnerre Exp $
+
+--- server/MaraDNS.c.orig 2007-05-17 06:01:44.000000000 +0200
++++ server/MaraDNS.c
+@@ -636,7 +636,8 @@ int udpsuccess(rr *where, int id, int so
+ is buggy if we round-robin rotate data when we allow more than
+ one additional record to be create per answer/authoritative
+ record. */
+- if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_last != 0) {
++ if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_last != 0
++ && first_rr_type != RR_NS) {
+ /* If it makes sense to do a round-robin rotation, do so.
+ * Make rotate_1st, which was the first record, the last
+ * record; make rotate_2nd, which was the second record,
+@@ -900,7 +901,8 @@ int udpsuccess(rr *where, int id, int so
+ rotate_last = where;
+ where = where->next;
+ /* If it makes sense to do a round-robin rotation, do so */
+- if(where == 0 && rotate_2nd != 0 && max_ar_chain == 1) {
++ if(where == 0 && rotate_2nd != 0 && max_ar_chain == 1
++ && first_rr_type != RR_NS) {
+ /* For records in the cache, we need to make sure that
+ the custodian properly points to the first record
+ in the chain or we will leak memory */
+@@ -1113,7 +1115,8 @@ int add_answer(rr *where,js_string *most
+ is buggy if we round-robin rotate data when we allow more than
+ one additional record to be create per answer/authoritative
+ record. */
+- if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_done == 0) {
++ if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_done == 0
++ && first_rr_type != RR_NS) {
+ rotate_done = 1;
+ /* If it makes sense to do a round-robin rotation */
+ rotate_1st->next = where;
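Review bot: The three added `&& first_rr_type != RR_NS` guards (two in udpsuccess, one in add_answer) carry no comment saying why rotation is skipped in that case, and the commit message speaks of CNAME entries, so the link between the check and CVE-2008-0061 cannot be read from the code. I would add a comment above the first guard such as `/* No round-robin rotation when first_rr_type is RR_NS; see CVE-2008-0061 */`, and a short provenance line under the `$NetBSD$` header of patch-am naming the upstream change it was taken from, so the patch can be checked against upstream and dropped on the next update. The embedded hunks do not show where `first_rr_type` is declared or assigned, and both functions extend beyond the context shown, so it is worth confirming the variable is set before each of these checks, in add_answer in particular. Since the same condition now appears at three sites, a small helper or macro would keep them from drifting apart in later edits.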