Date: Fri, 26 Jul 2013 22:40:17 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r253692 - head/contrib/bind9/lib/dns/rdata/generic releng/8.4 releng/8.4/contrib/bind9/lib/dns/rdata/generic releng/8.4/sys/conf Message-ID: <201307262240.r6QMeHBX062246@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Fri Jul 26 22:40:17 2013 New Revision: 253692 URL: http://svnweb.freebsd.org/changeset/base/253692 Log: Fix Denial of Service vulnerability in named(8). [13:07] Security: CVE-2013-4854 Security: FreeBSD-SA-13:07.bind Approved by: so Modified: head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Changes in other areas also in this revision: Modified: releng/8.4/UPDATING releng/8.4/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c releng/8.4/sys/conf/newvers.sh Modified: head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c ============================================================================== --- head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:04:11 2013 (r253691) +++ head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:40:17 2013 (r253692) @@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) { UNUSED(options); isc_buffer_activeregion(source, &sr); - if (sr.length < 4) + if (sr.length < 16) return (ISC_R_UNEXPECTEDEND); isc_buffer_forward(source, sr.length);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307262240.r6QMeHBX062246>