Date: Mon, 3 Aug 2009 00:39:16 GMT
From: Josh Carroll <josh.carroll@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/137374: dns/bind9-sdb-postgresql needs base bind version bump for DoS vulnerability
Message-ID: <200908030039.n730dGtX089853@www.freebsd.org>
Resent-Message-ID: <200908030040.n730e6o6025832@freefall.freebsd.org>

>Number: 137374
>Category: ports
>Synopsis: dns/bind9-sdb-postgresql needs base bind version bump for DoS vulnerability
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Aug 03 00:40:06 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Josh Carroll
>Release: 7.2-RELEASE
>Organization: n/a
>Environment:
FreeBSD pflog.net 7.2-RELEASE-p1 FreeBSD 7.2-RELEASE-p1 #11: Wed Jun 10 10:25:37 EDT 2009 root@pflog.net:/usr/obj/usr/src/sys/PFLOG amd64
>Description:
Per the announcement at isc.org, there is a remotely exploitable DoS vulnerability in bind 9, including the 9.4.3-P2 version. Attached is a patch for the dns/bind9-sdb-postgresql port to bump it to the 9.4.3-P3 version, which addresses this vulnerability.

Details about the problem can be found here:

https://www.isc.org/node/474

Thanks,
Josh
>How-To-Repeat:
https://www.isc.org/node/474 has details
>Fix:
Patch attached to bump from 9.4.3-P2 to 9.4.3-P3.

Patch attached with submission follows:

diff -urN bind9-sdb-postgresql/Makefile bind9-sdb-postgresql.new/Makefile --- bind9-sdb-postgresql/Makefile 2009-03-25 20:44:56.000000000 -0400 +++ bind9-sdb-postgresql.new/Makefile 2009-07-28 18:35:03.000000000 -0400 @@ -6,7 +6,7 @@ # PORTNAME= bind9 -PORTVERSION= 9.4.3.2 +PORTVERSION= 9.4.3.3 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= bind9/${ISCVERSION} @@ -21,7 +21,7 @@ CONFLICTS= bind9-9.* bind9-sdb-ldap-* host-* # ISC releases things like 9.3.0rc1, which our versioning doesn't like -ISCVERSION= 9.4.3-P2 +ISCVERSION= 9.4.3-P3 GNU_CONFIGURE= yes CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps --with-openssl \ diff -urN bind9-sdb-postgresql/distinfo bind9-sdb-postgresql.new/distinfo --- bind9-sdb-postgresql/distinfo 2009-03-25 20:44:56.000000000 -0400 +++ bind9-sdb-postgresql.new/distinfo 2009-07-28 18:35:30.000000000 -0400
@@ -1,6 +1,6 @@ -MD5 (bind-9.4.3-P2.tar.gz) = 91dff2af18475e14863051c93255a59a -SHA256 (bind-9.4.3-P2.tar.gz) = fb7c9964942ecc07606bb8d4361bf9d9bd8091e059fea1b56e6a0972f99b1ba1 -SIZE (bind-9.4.3-P2.tar.gz) = 6544865 -MD5 (bind-9.4.3-P2.tar.gz.asc) = 354aebc01f95440506d5de50305f0b9d -SHA256 (bind-9.4.3-P2.tar.gz.asc) = f8c6e3f749affdfd042929abab40d3a83dec74d0271555c2bdbb72d24a954477 -SIZE (bind-9.4.3-P2.tar.gz.asc) = 479 +MD5 (bind-9.4.3-P3.tar.gz) = ed357d3d18dcfa97723f91d9219caa8c +SHA256 (bind-9.4.3-P3.tar.gz) = cf1186b9f9bb993053e49f7c9bc22a1f218266cc6112d4e668a56ab8861a2b6d +SIZE (bind-9.4.3-P3.tar.gz) = 6544968 +MD5 (bind-9.4.3-P3.tar.gz.asc) = af8615dadd69bc94dbfa41a0dbff37ef +SHA256 (bind-9.4.3-P3.tar.gz.asc) = c973d143a49e585a3cb9cf8f2019f234317593d7a7be76b52dc83e127dd10208 +SIZE (bind-9.4.3-P3.tar.gz.asc) = 481 >Release-Note: >Audit-Trail: >Unformatted:
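Review bot: In the Makefile, PORTVERSION (9.4.3.3) and ISCVERSION (9.4.3-P3) are edited by hand in two separate hunks, and the only comment near ISCVERSION explains why the two differ, not how they map. A short comment beside PORTVERSION saying that its fourth component tracks the -P level of ISCVERSION would keep the next security bump from updating one and missing the other, which would leave the port version claiming the fix while MASTER_SITE_SUBDIR= bind9/${ISCVERSION} still fetches the vulnerable release.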
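Review bot: The distinfo hunk replaces all six entries in one step, so the submitted SHA256 for bind-9.4.3-P3.tar.gz becomes the only integrity pin for what the port fetches, and nothing in the patch shows that the tarball was checked against the bind-9.4.3-P3.tar.gz.asc signature whose hashes are updated alongside it. Before committing, fetch the distfiles fresh, verify the tarball against the .asc with the ISC signing key, and regenerate the entries with make makesum rather than taking the values from the submission; the result should match the +SHA256 and +SIZE lines here.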