From: Doug Barton
Date: Wed, 29 Jul 2009 00:13:47 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org
Subject: svn commit: r195934 - stable/6/contrib/bind9/bin/named

Author: dougb
Date: Wed Jul 29 00:13:47 2009
New Revision: 195934
URL: http://svn.freebsd.org/changeset/base/195934

Log:
  Apply the patch derived from version 9.6.1-P1 which addresses a remote
  DoS vulnerability:

  Receipt of a specially-crafted dynamic update message may cause BIND 9
  servers to exit. This vulnerability affects all servers -- it is not
  limited to those that are configured to allow dynamic updates. Access
  controls will not provide an effective workaround.

  More details can be found here: https://www.isc.org/node/474

  All BIND users are encouraged to update to a patched version ASAP.

Modified:
  stable/6/contrib/bind9/bin/named/update.c

Modified: stable/6/contrib/bind9/bin/named/update.c
==============================================================================
--- stable/6/contrib/bind9/bin/named/update.c Tue Jul 28 23:59:22 2009 (r195933) +++ stable/6/contrib/bind9/bin/named/update.c Wed Jul 29 00:13:47 2009 (r195934) @@ -863,7 +863,11 @@ temp_check(isc_mem_t *mctx, dns_diff_t * if (type == dns_rdatatype_rrsig || type == dns_rdatatype_sig) covers = dns_rdata_covers(&t->rdata); - else + else if (type == dns_rdatatype_any) { + dns_db_detachnode(db, &node); + dns_diff_clear(&trash); + return (DNS_R_NXRRSET); + } else covers = 0; /*
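
Review bot: The new "else if (type == dns_rdatatype_any)" branch in temp_check() returns DNS_R_NXRRSET without a comment saying why type ANY is refused at this point, so the connection to the remote exit described in the log is lost to anyone reading update.c later; a short comment above the branch would keep that reasoning next to the check. The branch also does its cleanup inline ("dns_db_detachnode(db, &node);" and "dns_diff_clear(&trash);") before returning, which is worth comparing against the function's other exit paths so that each one releases the same resources. As a style point, the chain now ends in "} else covers = 0;", mixing a braced branch with an unbraced one.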