authorSimon L. B. Nielsen <simon@FreeBSD.org>2012-08-06 21:33:11 +0000
committerSimon L. B. Nielsen <simon@FreeBSD.org>2012-08-06 21:33:11 +0000
commite5fdc1ec7143f0788630bf033e0a456ea8542c02 (patch)
treed54e2d43913cf4ad554ac9c79c03ff1a61b56dd6
parent03bfa4c289a83087dec6e108481aca8e39418eb0 (diff)
Fix named(8) DNSSEC validation Denial of Service.
Security: FreeBSD-SA-12:05.bind Security: CVE-2012-3817 Obtained from: ISC Approved by: so (simon)
Notes
Notes: svn path=/releng/8.3/; revision=239108
-rw-r--r--UPDATING3
-rw-r--r--contrib/bind9/lib/dns/resolver.c5
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 7 insertions, 3 deletions
diff --git a/UPDATING b/UPDATING
index 39a64129231c..86955c294fd0 100644
--- a/UPDATING
+++ b/UPDATING
@@ -15,6 +15,9 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW ON IA64 OR SUN4V:
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20120806: p4 FreeBSD-SA-12:05.bind
+ Fix named(8) DNSSEC validation Denial of Service.
+
20120612: p3 FreeBSD-SA-12:03.bind
FreeBSD-SA-12:04.sysret
FreeBSD-EN-12:02.ipv6refcount
diff --git a/contrib/bind9/lib/dns/resolver.c b/contrib/bind9/lib/dns/resolver.c
index dbeb060fbcd8..b2fe3cac9148 100644
--- a/contrib/bind9/lib/dns/resolver.c
+++ b/contrib/bind9/lib/dns/resolver.c
@@ -7991,6 +7991,7 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
goto cleanup;
bad->type = type;
bad->hashval = hashval;
+ bad->expire = *expire;
isc_buffer_init(&buffer, bad + 1, name->length);
dns_name_init(&bad->name, NULL);
dns_name_copy(name, &bad->name, &buffer);
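Review bot: The added `bad->expire = *expire;` carries no comment explaining why it must run before the new entry is linked in, so a later tidy-up could move it back to the end of the function. The second hunk shows resizehash() being called with `&now` right after a new entry is added; presumably it compares each entry's expiry with the current time, and under the old ordering a fresh entry would reach that call with an uninitialised expiry. I would put `/* Set expire before the entry is linked in; resizehash() below may examine it. */` above the line. The function starts and ends outside this hunk, and the insertion itself is not visible here.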
@@ -8002,8 +8003,8 @@ dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name,
if (resolver->badcount < resolver->badhash * 2 &&
resolver->badhash > DNS_BADCACHE_SIZE)
resizehash(resolver, &now, ISC_FALSE);
- }
- bad->expire = *expire;
+ } else
+ bad->expire = *expire;
cleanup:
UNLOCK(&resolver->lock);
}
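Review bot: Nothing at the `resizehash(resolver, &now, ISC_FALSE);` call records that `bad` may no longer be valid once it returns, which is the invariant the new `} else` depends on. Assuming resizehash() can free expired entries (its body is not in this hunk), any statement added later that dereferences `bad` after this block would bring back the crash this advisory addresses. I would add `/* resizehash() may free entries, possibly including bad; do not touch bad after this point. */` directly after the call. The start of the function is outside this hunk.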
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 7943050731b9..97c66c5b9761 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="8.3"
-BRANCH="RELEASE-p3"
+BRANCH="RELEASE-p4"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi