import bind-9.11.26-4.el8_4
This commit is contained in:
CentOS Sources
parent
e50e0af00e
commit
7ea3346926
40
SOURCES/bind-9.11-CVE-2021-25215.patch
Normal file
40
SOURCES/bind-9.11-CVE-2021-25215.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From 6fc38d1c75ce5a6172267e6ca162c4fdc09657ad Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Tue, 27 Apr 2021 10:56:12 +0200
|
||||
Subject: [PATCH 2/2] CVE-2021-25215
|
||||
|
||||
5616. [security] named crashed when a DNAME record placed in the ANSWER
|
||||
section during DNAME chasing turned out to be the final
|
||||
answer to a client query. (CVE-2021-25215) [GL #2540]
|
||||
---
|
||||
bin/named/query.c | 13 ++++++++++---
|
||||
1 file changed, 10 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/bin/named/query.c b/bin/named/query.c
|
||||
index a95f5ad..11a888e 100644
|
||||
--- a/bin/named/query.c
|
||||
+++ b/bin/named/query.c
|
||||
@@ -9301,10 +9301,17 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
|
||||
if (noqname != NULL)
|
||||
query_addnoqnameproof(client, noqname);
|
||||
/*
|
||||
- * We shouldn't ever fail to add 'rdataset'
|
||||
- * because it's already in the answer.
|
||||
+ * 'rdataset' will only be non-NULL here if the ANSWER section
|
||||
+ * of the message to be sent to the client already contains an
|
||||
+ * RRset with the same owner name and the same type as
|
||||
+ * 'rdataset'. This should never happen, with one exception:
|
||||
+ * when chasing DNAME records, one of the DNAME records placed
|
||||
+ * in the ANSWER section may turn out to be the final answer to
|
||||
+ * the client's query, but we have no way of knowing that until
|
||||
+ * now. In such a case, 'rdataset' will be freed later, so we
|
||||
+ * do not need to free it here.
|
||||
*/
|
||||
- INSIST(rdataset == NULL);
|
||||
+ INSIST(rdataset == NULL || qtype == dns_rdatatype_dname);
|
||||
}
|
||||
|
||||
addauth:
|
||||
--
|
||||
2.26.3
|
||||
|
||||
@ -68,7 +68,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
||||
Name: bind
|
||||
License: MPLv2.0
|
||||
Version: 9.11.26
|
||||
Release: 3%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Release: 4%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Epoch: 32
|
||||
Url: https://www.isc.org/downloads/bind/
|
||||
#
|
||||
@ -155,6 +155,7 @@ Patch175:bind-9.11-json-c.patch
|
||||
Patch177:bind-9.11-serve-stale.patch
|
||||
Patch178:bind-9.11-dhcp-time-monotonic.patch
|
||||
Patch179:bind-9.11-CVE-2020-8625.patch
|
||||
Patch180:bind-9.11-CVE-2021-25215.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -550,6 +551,7 @@ are used for building ISC DHCP.
|
||||
%patch177 -p1 -b .serve-stale
|
||||
%patch178 -p1 -b .time-monotonic
|
||||
%patch179 -p1 -b .CVE-2020-8625
|
||||
%patch180 -p1 -b .CVE-2021-25215
|
||||
|
||||
mkdir lib/dns/tests/testdata/dstrandom
|
||||
cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data
|
||||
@ -1601,6 +1603,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Apr 27 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.26-4
|
||||
- Possible assertion failure on DNAME processing (CVE-2021-25215)
|
||||
|
||||
* Mon Feb 15 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.26-3
|
||||
- Fix off-by-one bug in ISC SPNEGO implementation (CVE-2020-8625)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user