aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon L. B. Nielsen <simon@FreeBSD.org>2009-07-29 00:14:14 +0000
committerSimon L. B. Nielsen <simon@FreeBSD.org>2009-07-29 00:14:14 +0000
commit7cc4540e3901660a7899288dbae64b5440777100 (patch)
tree1f9b402b49fa0be1c2a62bcf2bca8a239792a917
parent90c934b8926926502eca5d72b3f66a9ad00e38d9 (diff)
downloadsrc-7cc4540e3901660a7899288dbae64b5440777100.tar.gz
src-7cc4540e3901660a7899288dbae64b5440777100.zip
Fix BIND named(8) dynamic update message remote DoS.
Obtained from: ISC Security: FreeBSD-SA-09:12.bind Security: CVE-2009-0696 Approved by: so (simon)
Notes
Notes: svn path=/releng/7.2/; revision=195935
-rw-r--r--UPDATING3
-rw-r--r--contrib/bind9/bin/named/update.c6
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 9 insertions, 2 deletions
diff --git a/UPDATING b/UPDATING
index 6a921b2011b1..19b109100088 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,9 @@ Items affecting the ports and packages system can be found in
/usr/ports/UPDATING. Please read that file before running
portupgrade.
+20090729: p3 FreeBSD-SA-09:12.bind
+ Fix BIND named(8) dynamic update message remote DoS.
+
20090624: p2 FreeBSD-EN-09:02.bce, FreeBSD-EN-09:03.fxp,
FreeBSD-EN-09:04.fork
Fix packet length calculation in bce(4). [EN-09:02]
diff --git a/contrib/bind9/bin/named/update.c b/contrib/bind9/bin/named/update.c
index fb6dec2f11e0..8c122d3ef0a3 100644
--- a/contrib/bind9/bin/named/update.c
+++ b/contrib/bind9/bin/named/update.c
@@ -865,7 +865,11 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db,
if (type == dns_rdatatype_rrsig ||
type == dns_rdatatype_sig)
covers = dns_rdata_covers(&t->rdata);
- else
+ else if (type == dns_rdatatype_any) {
+ dns_db_detachnode(db, &node);
+ dns_diff_clear(&trash);
+ return (DNS_R_NXRRSET);
+ } else
covers = 0;
/*
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 22ebb11ee348..bbf24306e398 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="7.2"
-BRANCH="RELEASE-p2"
+BRANCH="RELEASE-p3"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi