authorJacques Vidrine <nectar@FreeBSD.org>2003-11-27 00:56:06 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2003-11-27 00:56:06 +0000
commit14267b05ef0d98dafe9b4bfd1123d95fce4f2d22 (patch)
treee391a05d741f08322cde1d65a6c298e1756111c0
parentf0668e5da54a2603cd1ce63975c6b756c3e84732 (diff)
Correct a remote denial-of-service attack in named(8).
Notes
Notes: svn path=/releng/4.9/; revision=122997
-rw-r--r--UPDATING12
-rw-r--r--contrib/bind/Version2
-rw-r--r--contrib/bind/bin/named/ns_resp.c12
-rw-r--r--sys/conf/newvers.sh2
4 files changed, 23 insertions, 5 deletions
diff --git a/UPDATING b/UPDATING
index cab075a7069b..2a46a2b5f9f9 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,18 @@ A reverse chronology since 4.0 was released is included, followed by
the common items quick how-tos, followed by entries for versions of
-current prior to 4.0 Release.
+This is for the 4.9 release branch. All entries since 4.9 are an
+itemized list of commits to this branch, numbered from the beginning.
+
+The security advisories related to various patches contain information
+on how to build/install a minimal set of binaries and start/stop a
+minimal number of processes, if possible, for that patch. For those
+updates that don't have an advisory, or to be safe, you can do a full
+build and install as described in the COMMON ITEMS section.
+
+20031126: p1 FreeBSD-SA-03:19.bind
+ Corrected remote denial-of-service vulnerability in named(8).
+
20031028:
FreeBSD 4.9-RELEASE.
diff --git a/contrib/bind/Version b/contrib/bind/Version
index 68b8c56cef46..1d6c5bf1101c 100644
--- a/contrib/bind/Version
+++ b/contrib/bind/Version
@@ -1 +1 @@
-8.3.6-REL
+8.3.6-REL-p1
diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c
index 0174f9f02034..64dfa26e3d8e 100644
--- a/contrib/bind/bin/named/ns_resp.c
+++ b/contrib/bind/bin/named/ns_resp.c
@@ -271,7 +271,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp)
int soacount;
u_int qtype, qclass;
int validanswer, dbflags;
- int cname, lastwascname, externalcname;
+ int cname, lastwascname, externalcname, cachenegative;
int count, founddata, foundname;
int buflen;
int newmsglen;
@@ -911,6 +911,7 @@ tcp_retry:
cname = 0;
lastwascname = 0;
externalcname = 0;
+ cachenegative = 1;
strcpy(aname, qname);
if (count) {
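Review bot: The new `cachenegative = 1;` sits beside `cname`, `lastwascname` and `externalcname` with no comment, so a reader at this point cannot tell that it gates the later `cache_n_resp()` call. I would add `/* cleared when any RR in this response is rejected; such a response must not be stored as a negative answer */` above the assignment. The block following `tcp_retry:` starts and ends outside this hunk.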
@@ -980,6 +981,7 @@ tcp_retry:
name);
db_detach(&dp);
validanswer = 0;
+ cachenegative = 0;
continue;
}
if (type == T_CNAME &&
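Review bot: `cachenegative = 0;` is paired by hand with `validanswer = 0;` here and in the three following hunks (the "last was cname" branch and the two branches that log `sin_ntoa(from)`), so the fix depends on every rejection path having been found. Any other branch of this loop outside the visible hunks that discards a record without clearing the flag would still reach `cache_n_resp()` with it set, so the remaining `validanswer = 0` sites in ns_resp() should be checked against this list. A short comment at each site, e.g. `/* rejected RR: do not negative-cache this response */`, would keep the two assignments from drifting apart in later edits.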
@@ -1014,6 +1016,7 @@ tcp_retry:
"last was cname, ignoring auth. and add.");
db_detach(&dp);
validanswer = 0;
+ cachenegative = 0;
break;
}
if (i < arfirst) {
@@ -1029,6 +1032,7 @@ tcp_retry:
sin_ntoa(from));
db_detach(&dp);
validanswer = 0;
+ cachenegative = 0;
continue;
} else if (!ns_samedomain(name,
qp->q_domain)) {
@@ -1042,6 +1046,7 @@ tcp_retry:
sin_ntoa(from));
db_detach(&dp);
validanswer = 0;
+ cachenegative = 0;
continue;
}
if (type == T_NS) {
@@ -1205,8 +1210,9 @@ tcp_retry:
)
)
{
- cache_n_resp(msg, msglen, from, qp->q_name,
- qp->q_class, qp->q_type);
+ if (cachenegative)
+ cache_n_resp(msg, msglen, from, qp->q_name,
+ qp->q_class, qp->q_type);
if (!qp->q_cmsglen && validanswer) {
ns_debug(ns_log_default, 3,
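Review bot: The new `if (cachenegative)` guards a call that wraps over two lines without braces, which is easy to misread or to break when a second statement is added; I would brace it as `if (cachenegative) { cache_n_resp(...); }`. The skipped case is also silent, so an operator looking into repeated upstream queries gets no trace that the negative answer was withheld because records in the response were rejected. An `else` branch with `ns_debug(ns_log_default, 3, "resp: rejected RRs present, negative answer not cached");` would make that visible, in the same style as the `ns_debug` call that follows. The enclosing condition begins outside the hunk.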
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 62bb4b4d7614..b3605b4e8311 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.9"
-BRANCH="RELEASE"
+BRANCH="RELEASE-p1"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"