Date: Sat, 28 May 2011 08:44:39 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r222416 - in releng: 7.3 7.3/contrib/bind9/lib/dns 7.3/sys/conf 7.4 7.4/contrib/bind9/lib/dns 7.4/sys/conf 8.1 8.1/contrib/bind9/lib/dns 8.1/sys/conf 8.2 8.2/contrib/bind9/lib/dns 8.2/s... Message-ID: <201105280844.p4S8ieZL076195@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: simon Date: Sat May 28 08:44:39 2011 New Revision: 222416 URL: http://svn.freebsd.org/changeset/base/222416 Log: Fix an off by one which can result in a assertion failure in BIND related to large RRSIG RRsets and Negative Caching. This can cause named to crash. Security: FreeBSD-SA-11:02.bind Security: CVE-2011-1910 Security: https://www.isc.org/software/bind/advisories/cve-2011-1910 Obtained from: ISC Approved by: so (simon) Modified: releng/7.3/UPDATING releng/7.3/contrib/bind9/lib/dns/ncache.c releng/7.3/sys/conf/newvers.sh releng/7.4/UPDATING releng/7.4/contrib/bind9/lib/dns/ncache.c releng/7.4/sys/conf/newvers.sh releng/8.1/UPDATING releng/8.1/contrib/bind9/lib/dns/ncache.c releng/8.1/sys/conf/newvers.sh releng/8.2/UPDATING releng/8.2/contrib/bind9/lib/dns/ncache.c releng/8.2/sys/conf/newvers.sh Modified: releng/7.3/UPDATING ============================================================================== --- releng/7.3/UPDATING Sat May 28 08:43:24 2011 (r222415) +++ releng/7.3/UPDATING Sat May 28 08:44:39 2011 (r222416) @@ -8,6 +8,10 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20110528: p6 FreeBSD-SA-11:02.bind + Fix BIND remote DoS with large RRSIG RRsets and negative + caching. + 20110420: p5 FreeBSD-SA-11:01.mountd Fix CIDR parsing bug in mountd ACLs. Modified: releng/7.3/contrib/bind9/lib/dns/ncache.c ============================================================================== --- releng/7.3/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415) +++ releng/7.3/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416) @@ -160,7 +160,7 @@ dns_ncache_add(dns_message_t *message, d */ isc_buffer_availableregion(&buffer, &r); - if (r.length < 2) + if (r.length < 3) return (ISC_R_NOSPACE); isc_buffer_putuint16(&buffer, rdataset->type); Modified: releng/7.3/sys/conf/newvers.sh ============================================================================== --- releng/7.3/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415) +++ releng/7.3/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="7.3" -BRANCH="RELEASE-p5" +BRANCH="RELEASE-p6" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/7.4/UPDATING ============================================================================== --- releng/7.4/UPDATING Sat May 28 08:43:24 2011 (r222415) +++ releng/7.4/UPDATING Sat May 28 08:44:39 2011 (r222416) @@ -8,6 +8,10 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20110528: p2 FreeBSD-SA-11:02.bind + Fix BIND remote DoS with large RRSIG RRsets and negative + caching. + 20110420: p1 FreeBSD-SA-11:01.mountd Fix CIDR parsing bug in mountd ACLs. Modified: releng/7.4/contrib/bind9/lib/dns/ncache.c ============================================================================== --- releng/7.4/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415) +++ releng/7.4/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416) @@ -175,7 +175,7 @@ dns_ncache_add(dns_message_t *message, d */ isc_buffer_availableregion(&buffer, &r); - if (r.length < 2) + if (r.length < 3) return (ISC_R_NOSPACE); isc_buffer_putuint16(&buffer, rdataset->type); Modified: releng/7.4/sys/conf/newvers.sh ============================================================================== --- releng/7.4/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415) +++ releng/7.4/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="7.4" -BRANCH="RELEASE-p1" +BRANCH="RELEASE-p2" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/8.1/UPDATING ============================================================================== --- releng/8.1/UPDATING Sat May 28 08:43:24 2011 (r222415) +++ releng/8.1/UPDATING Sat May 28 08:44:39 2011 (r222416) @@ -15,6 +15,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20110528: p4 FreeBSD-SA-11:02.bind + Fix BIND remote DoS with large RRSIG RRsets and negative + caching. + 20110420: p3 FreeBSD-SA-11:01.mountd Fix CIDR parsing bug in mountd ACLs. Modified: releng/8.1/contrib/bind9/lib/dns/ncache.c ============================================================================== --- releng/8.1/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415) +++ releng/8.1/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416) @@ -185,7 +185,7 @@ dns_ncache_addoptout(dns_message_t *mess */ isc_buffer_availableregion(&buffer, &r); - if (r.length < 2) + if (r.length < 3) return (ISC_R_NOSPACE); isc_buffer_putuint16(&buffer, rdataset->type); Modified: releng/8.1/sys/conf/newvers.sh ============================================================================== --- releng/8.1/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415) +++ releng/8.1/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.1" -BRANCH="RELEASE-p3" +BRANCH="RELEASE-p4" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/8.2/UPDATING ============================================================================== --- releng/8.2/UPDATING Sat May 28 08:43:24 2011 (r222415) +++ releng/8.2/UPDATING Sat May 28 08:44:39 2011 (r222416) @@ -15,6 +15,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20110528: p2 FreeBSD-SA-11:02.bind + Fix BIND remote DoS with large RRSIG RRsets and negative + caching. + 20110420: p1 FreeBSD-SA-11:01.mountd Fix CIDR parsing bug in mountd ACLs. Modified: releng/8.2/contrib/bind9/lib/dns/ncache.c ============================================================================== --- releng/8.2/contrib/bind9/lib/dns/ncache.c Sat May 28 08:43:24 2011 (r222415) +++ releng/8.2/contrib/bind9/lib/dns/ncache.c Sat May 28 08:44:39 2011 (r222416) @@ -186,7 +186,7 @@ dns_ncache_addoptout(dns_message_t *mess */ isc_buffer_availableregion(&buffer, &r); - if (r.length < 2) + if (r.length < 3) return (ISC_R_NOSPACE); isc_buffer_putuint16(&buffer, rdataset->type); Modified: releng/8.2/sys/conf/newvers.sh ============================================================================== --- releng/8.2/sys/conf/newvers.sh Sat May 28 08:43:24 2011 (r222415) +++ releng/8.2/sys/conf/newvers.sh Sat May 28 08:44:39 2011 (r222416) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.2" -BRANCH="RELEASE-p1" +BRANCH="RELEASE-p2" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201105280844.p4S8ieZL076195>