Date: Wed, 29 Jul 2009 00:13:47 +0000 (UTC)
From: Doug Barton <dougb@FreeBSD.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org
Subject: svn commit: r195934 - stable/6/contrib/bind9/bin/named
Message-ID: <200907290013.n6T0Dlu1047825@svn.freebsd.org>
Author: dougb Date: Wed Jul 29 00:13:47 2009 New Revision: 195934 URL: http://svn.freebsd.org/changeset/base/195934 Log: Apply the patch derived from version 9.6.1-P1 which addresses a remote DoS vulnerability: Receipt of a specially-crafted dynamic update message may cause BIND 9 servers to exit. This vulnerability affects all servers -- it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround. More details can be found here: https://www.isc.org/node/474 All BIND users are encouraged to update to a patched version ASAP. Modified: stable/6/contrib/bind9/bin/named/update.c Modified: stable/6/contrib/bind9/bin/named/update.c ============================================================================== --- stable/6/contrib/bind9/bin/named/update.c Tue Jul 28 23:59:22 2009 (r195933) +++ stable/6/contrib/bind9/bin/named/update.c Wed Jul 29 00:13:47 2009 (r195934) @@ -863,7 +863,11 @@ temp_check(isc_mem_t *mctx, dns_diff_t * if (type == dns_rdatatype_rrsig || type == dns_rdatatype_sig) covers = dns_rdata_covers(&t->rdata); - else + else if (type == dns_rdatatype_any) { + dns_db_detachnode(db, &node); + dns_diff_clear(&trash); + return (DNS_R_NXRRSET); + } else covers = 0; /*
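Review bot: the new `else if (type == dns_rdatatype_any)` branch in temp_check() has no comment explaining why a prerequisite of type ANY is rejected here with DNS_R_NXRRSET, and the log message says only that a crafted dynamic update can make the server exit. A one-line comment on the branch stating the reason would keep a later cleanup from removing the check. The early return also releases `node` and `trash` by hand via dns_db_detachnode() and dns_diff_clear(); the rest of the function is not visible in this hunk, so please confirm these are the only resources held at this point, or route the return through whatever common failure path the function already uses. As a style point, the braced `else if` now sits between an unbraced `if` and an unbraced `else covers = 0;`, so bracing all three arms would make the chain easier to read.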