The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Go to file
Petr Menšík 5bfe51e649 Do not use header_prev in expire_lru_headers
dns__cacherbt_expireheader can unlink / free header_prev underneath
it.  Use ISC_LIST_TAIL after calling dns__cacherbt_expireheader
instead to get the next pointer to be processed.

(cherry picked from commit 7ce2e86024f022decb2678963538515ca39ab4ab)
(cherry picked from commit f88f21b7d890eb80097f4bd434fedb29c2f9ff63)

This is related to CVE-2023-2828 fix change and fixes small part of it.

; Related: CVE-2023-4408
Related: RHEL-25691
2024-03-27 19:08:50 +01:00
.gitignore Import rpm: c8s 2023-02-27 12:22:41 -05:00
bind93-rh490837.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind97-rh478718.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind97-rh645544.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind97-rh669163.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind99-rh640538.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.3.1rc1-sdb_tools-Makefile.in Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.3.2-redhat_doc.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.3.2b1-fix_sdb_ldap.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.3.2b2-sdbsrc.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.5-dlz-64bit.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.5-PIE.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.9.1-P2-dlz-libdb.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.9.1-P2-multlib-conflict.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.10-dist-native-pkcs11.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.10-sdb.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.10-use-of-strlcat.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-CVE-2021-25220-test.patch Auto sync2gitlab import of bind-9.11.36-7.el8.src.rpm 2022-11-24 08:09:45 +00:00
bind-9.11-CVE-2021-25220.patch Auto sync2gitlab import of bind-9.11.36-7.el8.src.rpm 2022-11-24 08:09:45 +00:00
bind-9.11-CVE-2022-2795.patch Auto sync2gitlab import of bind-9.11.36-7.el8.src.rpm 2022-11-24 08:09:45 +00:00
bind-9.11-CVE-2023-2828-fixup.patch Do not use header_prev in expire_lru_headers 2024-03-27 19:08:50 +01:00
bind-9.11-CVE-2023-2828.patch Fix CVE-2023-2828 2023-07-19 18:16:33 +02:00
bind-9.11-CVE-2023-4408.patch Use hashtable when parsing a message 2024-03-26 18:05:44 +01:00
bind-9.11-CVE-2023-50387.patch Fail the DNSSEC validation on the first failure 2024-03-26 18:07:39 +01:00
bind-9.11-dhcp-time-monotonic.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-engine-pkcs11.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-export-suffix.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-fips-code-includes.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-fips-code.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-fips-disable.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-fips-tests.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-host-idn-disable.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-json-c.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-kyua-pkcs11.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-oot-manual.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-pk11.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rh1205168.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rh1410433.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rh1668682.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rh1980757.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rh2101712.patch Auto sync2gitlab import of bind-9.11.36-3.el8_6.3.src.rpm 2022-11-09 04:10:38 +00:00
bind-9.11-rh2133889.patch Auto sync2gitlab import of bind-9.11.36-8.el8.src.rpm 2023-02-18 00:15:37 +00:00
bind-9.11-rt31459.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-rt46047.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-serve-stale.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-stale-cache.patch Do not keep stale records by default 2023-10-09 19:11:01 +02:00
bind-9.11-unit-disable-random.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.11-zone2ldap.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.15-resolver-ntasks.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-9.16-CVE-2022-3094-1.patch Prevent flooding with UPDATE requests 2023-03-30 19:41:23 +02:00
bind-9.16-CVE-2022-3094-2.patch Prevent flooding with UPDATE requests 2023-03-30 19:41:23 +02:00
bind-9.16-CVE-2022-3094-3.patch Prevent flooding with UPDATE requests 2023-03-30 19:41:23 +02:00
bind-9.16-CVE-2022-3094-test.patch test failure conditions 2023-03-30 19:41:23 +02:00
bind-9.16-CVE-2022-38177.patch Auto sync2gitlab import of bind-9.11.36-5.el8.src.rpm 2022-10-03 18:11:31 +00:00
bind-9.16-CVE-2022-38178.patch Auto sync2gitlab import of bind-9.11.36-5.el8.src.rpm 2022-10-03 18:11:31 +00:00
bind-9.16-CVE-2023-3341.patch Fix CVE-2023-3341 2023-09-20 13:33:25 +02:00
bind-9.16-update-b.root-servers.net.patch Update addresses of b.root-servers.net 2024-02-26 13:17:13 +01:00
bind-95-rh452060.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind-96-old-api.patch Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
bind.spec Do not use header_prev in expire_lru_headers 2024-03-27 19:08:50 +01:00
bind.tmpfiles.d Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
dnszone.schema Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
gating.yaml Remove dist-git based test reference from gating 2023-04-04 16:32:12 +02:00
generate-rndc-key.sh Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
ldap2zone.1 Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
ldap2zone.c Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-chroot-setup.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-chroot.files Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-chroot.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-pkcs11.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-sdb-chroot-setup.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-sdb-chroot.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-sdb.8 Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-sdb.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named-setup-rndc.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.conf Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.conf.sample Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.empty Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.localhost Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.logrotate Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.loopback Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.rfc1912.zones Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.root Update addresses of b.root-servers.net 2024-02-26 13:17:13 +01:00
named.root.key Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.rwtab Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.service Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
named.sysconfig Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
README.sdb_pgsql Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
setup-named-chroot.sh Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
setup-named-softhsm.sh Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
sources Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
trusted-key.key Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
zone2sqlite.1 Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00
zonetodb.1 Auto sync2gitlab import of bind-9.11.36-4.el8.src.rpm 2022-07-26 12:11:24 +00:00

			PGSQL BIND SDB driver

The postgresql BIND SDB driver is of experimental status and should not be 
used for production systems.

Usage:

o Use the named_sdb process ( put ENABLE_SDB=yes in /etc/sysconfig/named )

o Edit your named.conf to contain a database zone, eg. :
  
zone "pgdb.net." IN {
        type master;
        database "pgsql  bind        pgdb     localhost pguser pgpasswd";
        #                ^- DB name  ^-Table  ^-host    ^-user ^-password
};

o Create the database zone table
  The table must contain the columns "name", "rdtype", and "rdata", and
  is expected to contain a properly constructed zone.  The program "zonetodb"
  creates such a table.
  
  zonetodb usage:
    
    zonetodb origin file dbname dbtable

    where
	origin : zone origin, eg "pgdb.net."
	file   : master zone database file, eg. pgdb.net.db
	dbname : name of postgresql database 
        dbtable: name of table in database

    Eg. to import this zone in the file 'pgdb.net.db' into the 'bind' database 
        'pgdb' table:

---
#pgdb.net.db:
$TTL 1H
@       SOA     localhost.      root.localhost. (       1
                                                3H
                                                1H
                                                1W
                                                1H )
        NS      localhost.
host1   A       192.168.2.1
host2   A       192.168.2.2
host3   A       192.168.2.3
host4   A       192.168.2.4
host5   A       192.168.2.5
host6   A       192.168.2.6
host7   A       192.168.2.7
---

Issue this command as the pgsql user authorized to update the bind database:
 
# zonetodb pgdb.net. pgdb.net.db bind pgdb

will create / update the pgdb table in the 'bind' db:

$ psql -dbind -c 'select * from pgdb;'
      name      | ttl  | rdtype |                        rdata
----------------+------+--------+-----------------------------------------------------
 pgdb.net       | 3600 | SOA    | localhost. root.localhost. 1 10800 3600 604800 3600
 pgdb.net       | 3600 | NS     | localhost.
 host1.pgdb.net | 3600 | A      | 192.168.2.1
 host2.pgdb.net | 3600 | A      | 192.168.2.2
 host3.pgdb.net | 3600 | A      | 192.168.2.3
 host4.pgdb.net | 3600 | A      | 192.168.2.4
 host5.pgdb.net | 3600 | A      | 192.168.2.5
 host6.pgdb.net | 3600 | A      | 192.168.2.6
 host7.pgdb.net | 3600 | A      | 192.168.2.7
(9 rows)

I've tested exactly the above configuration with bind-sdb-9.3.1+ and it works OK.

NOTE: If you use pgsqldb SDB, ensure the postgresql service is started before the named
      service .

USE AT YOUR OWN RISK!