From 2268381922781da0d991d6187ec3a52fe90ffd56 Mon Sep 17 00:00:00 2001 From: Fedor Vorobev Date: Thu, 22 Jan 2026 16:28:31 +0100 Subject: [PATCH] Backport fix for nameserver line processing. Resolves: RHEL-79714 --- ...perly-process-extra-nameserver-lines.patch | 38 +++++++++++++++++++ bind.spec | 7 +++- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 bind-9.16-properly-process-extra-nameserver-lines.patch diff --git a/bind-9.16-properly-process-extra-nameserver-lines.patch b/bind-9.16-properly-process-extra-nameserver-lines.patch new file mode 100644 index 0000000..abfa7cf --- /dev/null +++ b/bind-9.16-properly-process-extra-nameserver-lines.patch @@ -0,0 +1,38 @@ +diff --git a/CHANGES b/CHANGES +index 2b12128544..42c13c9dbd 100644 +--- a/CHANGES ++++ b/CHANGES +@@ -1,3 +1,7 @@ ++6173. [bug] Properly process extra "nameserver" lines in ++ resolv.conf otherwise the next line is not properly ++ processed. [GL #4066] ++ + --- 9.16.23 released --- + + 5752. [bug] Fix an assertion failure caused by missing member zones +diff --git a/lib/irs/resconf.c b/lib/irs/resconf.c +index da6066db7b..775f4e86a4 100644 +--- a/lib/irs/resconf.c ++++ b/lib/irs/resconf.c +@@ -286,10 +286,6 @@ resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { + int cp; + isc_result_t result; + +- if (conf->numns == RESCONFMAXNAMESERVERS) { +- return (ISC_R_SUCCESS); +- } +- + cp = getword(fp, word, sizeof(word)); + if (strlen(word) == 0U) { + return (ISC_R_UNEXPECTEDEND); /* Nothing on line. */ +@@ -301,6 +297,10 @@ resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { + return (ISC_R_UNEXPECTEDTOKEN); /* Extra junk on line. */ + } + ++ if (conf->numns == RESCONFMAXNAMESERVERS) { ++ return (ISC_R_SUCCESS); ++ } ++ + result = add_server(conf->mctx, word, &conf->nameservers); + if (result != ISC_R_SUCCESS) { + return (result); diff --git a/bind.spec b/bind.spec index 389342d..8bdc957 100644 --- a/bind.spec +++ b/bind.spec @@ -54,7 +54,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.16.23 -Release: 38%{?dist} +Release: 39%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -199,6 +199,8 @@ Patch224: bind-9.16-CVE-2025-40780.patch # https://gitlab.isc.org/isc-projects/bind9/commit/50479358efdf432d690415131b74b5df158a9d69 # https://gitlab.isc.org/isc-projects/bind9/commit/33a7db1fe964e55b76b4ac003ecc56cc67028bd9 Patch225: bind-9.16-CVE-2025-40778.patch +# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7942 +Patch226: bind-9.16-properly-process-extra-nameserver-lines.patch %{?systemd_ordering} # https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers @@ -1258,6 +1260,9 @@ fi; %endif %changelog +* Thu Jan 22 2026 Fedor Vorobev - 32:9.16.23-39 +- Backport fix for nameserver line processing. (RHEL-79714) + * Fri Dec 12 2025 Petr Menšík - 32:9.16.23-38 - Add sysusers named user creation (RHEL-132053)