import bind-9.11.20-5.el8_3.1
This commit is contained in:
CentOS Sources
parent
864e18c0c8
commit
cacdacb017
27
SOURCES/bind-9.11-CVE-2020-8625.patch
Normal file
27
SOURCES/bind-9.11-CVE-2020-8625.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 9f331a945071365ccc0cfba24241c4af6919af30 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Mon, 15 Feb 2021 12:18:14 +0100
|
||||
Subject: [PATCH] CVE-2020-8625
|
||||
|
||||
5562. [security] Fix off-by-one bug in ISC SPNEGO implementation.
|
||||
(CVE-2020-8625) [GL #2354]
|
||||
---
|
||||
lib/dns/spnego.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
|
||||
index dea108b..13cf15d 100644
|
||||
--- a/lib/dns/spnego.c
|
||||
+++ b/lib/dns/spnego.c
|
||||
@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
|
||||
return (ASN1_OVERRUN);
|
||||
}
|
||||
|
||||
- data->components = malloc(len * sizeof(*data->components));
|
||||
+ data->components = malloc((len + 1) * sizeof(*data->components));
|
||||
if (data->components == NULL) {
|
||||
return (ENOMEM);
|
||||
}
|
||||
--
|
||||
2.26.2
|
||||
|
||||
@ -65,7 +65,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
||||
Name: bind
|
||||
License: MPLv2.0
|
||||
Version: 9.11.20
|
||||
Release: 5%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Release: 5%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}.1
|
||||
Epoch: 32
|
||||
Url: http://www.isc.org/products/BIND/
|
||||
#
|
||||
@ -163,6 +163,7 @@ Patch181:bind-9.11-CVE-2020-8623.patch
|
||||
# https://gitlab.isc.org/isc-projects/bind9/commit/8e919cf6e47c4f52612069ac0868f8caa5089e74
|
||||
Patch182:bind-9.11-CVE-2020-8624.patch
|
||||
Patch183:bind-9.11-CVE-2020-8624-test.patch
|
||||
Patch184:bind-9.11-CVE-2020-8625.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -526,6 +527,7 @@ are used for building ISC DHCP.
|
||||
%patch181 -p1 -b .CVE-2020-8623
|
||||
%patch182 -p1 -b .CVE-2020-8624
|
||||
%patch183 -p1 -b .CVE-2020-8624-test
|
||||
%patch184 -p1 -b .CVE-2020-8625
|
||||
|
||||
mkdir lib/dns/tests/testdata/dstrandom
|
||||
cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data
|
||||
@ -1534,6 +1536,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Feb 15 2021 Petr Menšík <pemensik@redhat.com> - 32:9.11.20-5.1
|
||||
- Fix off-by-one bug in ISC SPNEGO implementation (CVE-2020-8625)
|
||||
|
||||
* Tue Aug 18 2020 Petr Menšík <pemensik@redhat.com> - 32:9.11.20-5
|
||||
- Fix tsig-request verify (CVE-2020-8622)
|
||||
- Prevent PKCS11 daemon crash on crafted packet (CVE-2020-8623)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user