From 195bb063de475c3869b137b2fc50eba1c7c34782 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?=
Date: Thu, 18 Jul 2024 17:33:01 +0200
Subject: [PATCH] Resolve CVE-2024-4076

6403. [security] qctx-zversion was not being cleared when it should have been leading to an assertion failure if it needed to be reused. (CVE-2024-4076) [GL #4507]

Resolves: RHEL-50874
---
 bind-9.18-CVE-2024-4076.patch | 29 +++++++++++++++++++++++++++++
 bind9.16.spec | 4 ++++
 2 files changed, 33 insertions(+)
 create mode 100644 bind-9.18-CVE-2024-4076.patch

diff --git a/bind-9.18-CVE-2024-4076.patch b/bind-9.18-CVE-2024-4076.patch
new file mode 100644
index 0000000..2e12135
--- /dev/null
+++ b/bind-9.18-CVE-2024-4076.patch
@@ -0,0 +1,29 @@
+From 274463c5b71db87a615694889da23837ba48db9a Mon Sep 17 00:00:00 2001
+From: Petr Mensik
+Date: Tue, 16 Jul 2024 19:49:26 +0200
+Subject: [PATCH] Resolve CVE-2024-4076
+
+6403. [security] qctx-zversion was not being cleared when it should have
+ been leading to an assertion failure if it needed to be
+ reused. (CVE-2024-4076) [GL #4507]
+
+Resolves: CVE-2024-4076
+---
+ lib/ns/query.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/ns/query.c b/lib/ns/query.c
+index 537d332..be4cbb6 100644
+--- a/lib/ns/query.c
++++ b/lib/ns/query.c
+@@ -5325,6 +5325,7 @@ qctx_freedata(query_ctx_t *qctx) {
+ ns_client_releasename(qctx->client, &qctx->zfname);
+ dns_db_detachnode(qctx->zdb, &qctx->znode);
+ dns_db_detach(&qctx->zdb);
++ qctx->zversion = NULL;
+ }
+
+ if (qctx->event != NULL && !qctx->client->nodetach) {
+--
+2.45.2
+
diff --git a/bind9.16.spec b/bind9.16.spec
index 8949094..c5f9949 100644
--- a/bind9.16.spec
+++ b/bind9.16.spec
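Review bot: The added `qctx->zversion = NULL;` in qctx_freedata is the only field in this cleanup that is cleared without a release or detach call, and nothing in the patch says why, so a later reader cannot tell a deliberate choice from a missed close. If the version is owned elsewhere (the fix implies this, but the hunk does not show it), a comment above the line such as `/* zversion is not owned by qctx: drop the stale pointer so a reused qctx cannot trip the assertion (CVE-2024-4076) */` would record that. The patch also carries no regression test for the reuse path, so a rebase that loses this one line would bring the assertion failure back unnoticed; a failed assertion aborts named, so a test is worth carrying if upstream provides one. The enclosing `if` block and the rest of qctx_freedata lie outside the hunk.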
@@ -154,6 +154,8 @@ Patch205: bind-9.16-CVE-2024-1975.patch
 # https://gitlab.isc.org/isc-projects/bind9/commit/fdabf4b9570a60688f9f7d1e88d885f7a3718bca
 # https://gitlab.isc.org/isc-projects/bind9/commit/8ef414a7f38a04cfc11df44adaedaf3126fa3878
 Patch206: bind-9.16-CVE-2024-1737.patch
+# https://gitlab.isc.org/isc-projects/bind9/commit/a61be8eef0ee0ca8fd8036ccb61c6f9b728158ce
+Patch207: bind-9.18-CVE-2024-4076.patch

 %{?systemd_ordering}
 Requires: coreutils
@@ -481,6 +483,7 @@ in HTML and PDF format.
 %patch204 -p1 -b .CVE-2023-6516-test
 %patch205 -p1 -b .CVE-2024-1975
 %patch206 -p1 -b .CVE-2024-1737
+%patch207 -p1 -b .CVE-2024-4076

 %if %{with PKCS11}
 %patch135 -p1 -b .config-pkcs11
@@ -1208,6 +1211,7 @@ fi;
 * Thu Jul 18 2024 Petr Menšík - 32:9.16.23-0.20
 - Resolve CVE-2024-1975
 - Resolve CVE-2024-1737
+- Resolve CVE-2024-4076

 * Wed May 15 2024 Petr Menšík - 32:9.16.23-0.19
 - Add few more explicit conflicts with bind subpackages (RHEL-2208)
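Review bot: The new entry is named `bind-9.18-CVE-2024-4076.patch`, while the neighbouring patches in the first hunk (`bind-9.16-CVE-2024-1975.patch`, `bind-9.16-CVE-2024-1737.patch`) and the 9.16.23 changelog entry all carry the 9.16 prefix. That leaves it unclear which upstream branch the linked commit belongs to and whether its context was adjusted for this tree. Either rename the file to match its siblings or extend the comment above `Patch207:` to state the provenance, for example `# taken from the 9.18 branch, context adjusted for 9.16.23` if that is what was done. The `%patch207` line in the second hunk would need the same file name if it is renamed.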