diff --git a/SOURCES/bind-9.16-CVE-2022-38177.patch b/SOURCES/bind-9.16-CVE-2022-38177.patch new file mode 100644 index 0000000..d40ea61 --- /dev/null +++ b/SOURCES/bind-9.16-CVE-2022-38177.patch @@ -0,0 +1,27 @@ +From 0095b8a6b09173ab5eb48611dc0233d2a6337dc1 Mon Sep 17 00:00:00 2001 +From: Petr Mensik +Date: Tue, 20 Sep 2022 11:21:45 +0200 +Subject: [PATCH] Fix CVE-2022-38177 + +5961. [security] Fix memory leak in ECDSA verify processing. + (CVE-2022-38177) [GL #3487] +--- + lib/dns/opensslecdsa_link.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c +index 83b5b51..7576e04 100644 +--- a/lib/dns/opensslecdsa_link.c ++++ b/lib/dns/opensslecdsa_link.c +@@ -224,7 +224,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { + siglen = DNS_SIG_ECDSA384SIZE; + + if (sig->length != siglen) +- return (DST_R_VERIFYFAILURE); ++ DST_RET(DST_R_VERIFYFAILURE); + + if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &dgstlen)) + DST_RET (dst__openssl_toresult3(dctx->category, +-- +2.37.3 + diff --git a/SOURCES/bind-9.16-CVE-2022-38178.patch b/SOURCES/bind-9.16-CVE-2022-38178.patch new file mode 100644 index 0000000..eb45109 --- /dev/null +++ b/SOURCES/bind-9.16-CVE-2022-38178.patch @@ -0,0 +1,27 @@ +From bb68864bf05d29df644427ec841bc3db6a336519 Mon Sep 17 00:00:00 2001 +From: Petr Mensik +Date: Tue, 20 Sep 2022 11:22:47 +0200 +Subject: [PATCH] Fix CVE-2022-38178 + +5962. [security] Fix memory leak in EdDSA verify processing. + (CVE-2022-38178) [GL #3487] +--- + lib/dns/openssleddsa_link.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c +index 8b115ec..4f3c2a8 100644 +--- a/lib/dns/openssleddsa_link.c ++++ b/lib/dns/openssleddsa_link.c +@@ -325,7 +325,7 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { + siglen = DNS_SIG_ED448SIZE; + + if (sig->length != siglen) +- return (DST_R_VERIFYFAILURE); ++ DST_RET(DST_R_VERIFYFAILURE); + + isc_buffer_usedregion(buf, &tbsreg); + +-- +2.37.3 + diff --git a/SPECS/bind.spec b/SPECS/bind.spec index 2c9acdc..300114c 100644 --- a/SPECS/bind.spec +++ b/SPECS/bind.spec @@ -68,7 +68,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.11.36 -Release: 4%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Release: 5%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -160,6 +160,8 @@ Patch183:bind-9.11-rh1980757.patch Patch184: bind-9.15-resolver-ntasks.patch Patch185: bind-9.11-CVE-2021-25220.patch Patch186: bind-9.11-CVE-2021-25220-test.patch +Patch188: bind-9.16-CVE-2022-38177.patch +Patch189: bind-9.16-CVE-2022-38178.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -557,6 +559,8 @@ are used for building ISC DHCP. %patch184 -p1 -b .rh2030239 %patch185 -p1 -b .CVE-2021-25220 %patch186 -p1 -b .CVE-2021-25220-test +%patch188 -p1 -b .CVE-2022-38177 +%patch189 -p1 -b .CVE-2022-38178 mkdir lib/dns/tests/testdata/dstrandom cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data @@ -1609,6 +1613,10 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Thu Sep 22 2022 Petr Menšík - 32:9.11.36-5 +- Fix memory leak in ECDSA verify processing (CVE-2022-38177) +- Fix memory leak in EdDSA verify processing (CVE-2022-38178) + * Wed Apr 13 2022 Petr Menšík - 32:9.11.36-4 - Tighten cache protection against record from forwarders (CVE-2021-25220) - Include test of forwarders