import bind-9.11.26-3.el8
This commit is contained in:
parent
5e58c2dcaa
commit
4fce41eda1
27
SOURCES/bind-9.11-CVE-2020-8625.patch
Normal file
27
SOURCES/bind-9.11-CVE-2020-8625.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 9f331a945071365ccc0cfba24241c4af6919af30 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Mon, 15 Feb 2021 12:18:14 +0100
|
||||
Subject: [PATCH] CVE-2020-8625
|
||||
|
||||
5562. [security] Fix off-by-one bug in ISC SPNEGO implementation.
|
||||
(CVE-2020-8625) [GL #2354]
|
||||
---
|
||||
lib/dns/spnego.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
|
||||
index dea108b..13cf15d 100644
|
||||
--- a/lib/dns/spnego.c
|
||||
+++ b/lib/dns/spnego.c
|
||||
@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
|
||||
return (ASN1_OVERRUN);
|
||||
}
|
||||
|
||||
- data->components = malloc(len * sizeof(*data->components));
|
||||
+ data->components = malloc((len + 1) * sizeof(*data->components));
|
||||
if (data->components == NULL) {
|
||||
return (ENOMEM);
|
||||
}
|
||||
--
|
||||
2.26.2
|
||||
|
@ -68,7 +68,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
||||
Name: bind
|
||||
License: MPLv2.0
|
||||
Version: 9.11.26
|
||||
Release: 2%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Release: 3%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Epoch: 32
|
||||
Url: https://www.isc.org/downloads/bind/
|
||||
#
|
||||
@ -154,6 +154,7 @@ Patch174:bind-9.11-fips-disable.patch
|
||||
Patch175:bind-9.11-json-c.patch
|
||||
Patch177:bind-9.11-serve-stale.patch
|
||||
Patch178:bind-9.11-dhcp-time-monotonic.patch
|
||||
Patch179:bind-9.11-CVE-2020-8625.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -548,6 +549,7 @@ are used for building ISC DHCP.
|
||||
%patch175 -p1 -b .json-c
|
||||
%patch177 -p1 -b .serve-stale
|
||||
%patch178 -p1 -b .time-monotonic
|
||||
%patch179 -p1 -b .CVE-2020-8625
|
||||
|
||||
mkdir lib/dns/tests/testdata/dstrandom
|
||||
cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data
|
||||
@ -1599,6 +1601,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Feb 15 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.26-3
|
||||
- Fix off-by-one bug in ISC SPNEGO implementation (CVE-2020-8625)
|
||||
|
||||
* Tue Jan 05 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.26-2
|
||||
- Add DNSTAP support (#1854148), new dnstap-read tool
|
||||
- Add JSON support in statistics-channel (#1899257)
|
||||
|
Loading…
Reference in New Issue
Block a user