- Update to 9.9.3P2 fixes CVE-2013-4854, bnc#831899.

* Incorrect bounds checking on private type 'keydata' can lead
    to a remotely triggerable REQUIRE failure.

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=125
This commit is contained in:
Reinhard Max 2013-08-05 14:51:21 +00:00 committed by Git OBS Bridge
parent 8e89b870e6
commit 28ef07b698
9 changed files with 381 additions and 296 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1baa22e47c3b307c5fcc7aaf6700dd5953b5b9b7737d1e36117545af7bdbb435
size 7459819

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (NetBSD)
iQEcBAABAgAGBQJRrkT/AAoJEEWseFcYnNvF10kH/2hDHZitnJyuJNbmdgxn76vt
2LLzT+OQwMaq1owbyQHrY3jsKWNgGpB0toRApAyC6y0AJUgNjpNS7xvZcMaZXqam
YQAyib+tGthCtIGOAQxYQae/lhuykip87Xi31jGwZzRnCSwUOHoPJ3iWk8XbM34c
lKzAvsOimnpU8MxAyFPTO792A4INffiuH0UtnmBjSPACguO3/Nx+EJFxgtq7nx+e
NXMKENI0UYxTuwL8MfMnweB69gTQyJOuYUznRfm+CeX3BdhslLzDvWlaVSngaXbP
YTFxLaH/QuXHri1anKWMP8++rWhsNn1n0DvOmiu8DpOslZ4+UmHXyTpGXB3JwYw=
=eKF8
-----END PGP SIGNATURE-----

3
bind-9.9.3-P2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5e8ab06c7b73f38b47ce9ad12ca0afa7c714bbba2f6b7421c26c0d8b84b6c678
size 7459422

11
bind-9.9.3-P2.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (NetBSD)
iQEcBAABAgAGBQJR8sogAAoJEEWseFcYnNvFyMUIAJ3AfF7bF4rUajtXA5cj8HoE
8pQsCvf1nYUoFQv1AwovA6PNc+EpQVtPkpQlItaIdacyN1ewjsoPEMcWdA8Xk0z1
T0CpJIZfAlGl1QZBAqGnxt4KH4kHAuhQiT9S1boIPOdlHJ84NRD94et+hQfdqWIX
dG4vyChOAYlNFwfQd97JyxWjplRT0YbaWQ8YoWh3puH33jC6yX0v8VfY0g0ga7Ul
hz3PIiZo51JkVcWtsy5qf1WAVSqthzy6KB9MsXJZR7i+2H6t/1/7FK/niBPdASQB
czR7gLmjuk/G5dJ1ZkEosJVEILjfLn9rTLKwf2d8dkgJwrZDpMyNMTqSUJgsRHQ=
=Y9CU
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Mon Aug 5 14:50:20 UTC 2013 - max@suse.com
- Update to 9.9.3P2 fixes CVE-2013-4854, bnc#831899.
* Incorrect bounds checking on private type 'keydata' can lead
to a remotely triggerable REQUIRE failure.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jul 24 15:37:09 UTC 2013 - max@suse.com Wed Jul 24 15:37:09 UTC 2013 - max@suse.com

View File

@ -18,7 +18,7 @@
Name: bind Name: bind
%define pkg_name bind %define pkg_name bind
%define pkg_vers 9.9.3-P1 %define pkg_vers 9.9.3-P2
BuildRequires: krb5-devel BuildRequires: krb5-devel
BuildRequires: libcap BuildRequires: libcap
BuildRequires: libcap-devel BuildRequires: libcap-devel
@ -32,7 +32,7 @@ BuildRequires: update-desktop-files
Summary: Domain Name System (DNS) Server (named) Summary: Domain Name System (DNS) Server (named)
License: ISC License: ISC
Group: Productivity/Networking/DNS/Servers Group: Productivity/Networking/DNS/Servers
Version: 9.9.3P1 Version: 9.9.3P2
Release: 0 Release: 0
Provides: bind8 Provides: bind8
Provides: bind9 Provides: bind9
@ -667,6 +667,8 @@ fi
%{_bindir}/runidn %{_bindir}/runidn
%{_sbindir}/arpaname %{_sbindir}/arpaname
%{_sbindir}/ddns-confgen %{_sbindir}/ddns-confgen
%{_sbindir}/dnssec-checkds
%{_sbindir}/dnssec-coverage
%{_sbindir}/dnssec-dsfromkey %{_sbindir}/dnssec-dsfromkey
%{_sbindir}/dnssec-keyfromlabel %{_sbindir}/dnssec-keyfromlabel
%{_sbindir}/dnssec-keygen %{_sbindir}/dnssec-keygen
@ -692,6 +694,8 @@ fi
%doc %{_mandir}/man1/nsupdate.1.gz %doc %{_mandir}/man1/nsupdate.1.gz
%doc %{_mandir}/man5/rndc.conf.5.gz %doc %{_mandir}/man5/rndc.conf.5.gz
%doc %{_mandir}/man8/ddns-confgen.8.gz %doc %{_mandir}/man8/ddns-confgen.8.gz
%doc %{_mandir}/man8/dnssec-checkds.8.gz
%doc %{_mandir}/man8/dnssec-coverage.8.gz
%doc %{_mandir}/man8/dnssec-dsfromkey.8.gz %doc %{_mandir}/man8/dnssec-dsfromkey.8.gz
%doc %{_mandir}/man8/dnssec-keyfromlabel.8.gz %doc %{_mandir}/man8/dnssec-keyfromlabel.8.gz
%doc %{_mandir}/man8/dnssec-keygen.8.gz %doc %{_mandir}/man8/dnssec-keygen.8.gz

View File

@ -1,8 +1,8 @@
Index: bin/named/include/named/globals.h Index: bin/named/include/named/globals.h
=================================================================== ===================================================================
--- bin/named/include/named/globals.h.orig --- bin/named/include/named/globals.h.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/named/include/named/globals.h +++ bin/named/include/named/globals.h 2013-08-05 14:14:28.152275375 +0200
@@ -134,9 +134,9 @@ EXTERN const char * lwresd_g_defaultpid @@ -139,9 +139,9 @@
"lwresd.pid"); "lwresd.pid");
#else #else
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
@ -16,8 +16,8 @@ Index: bin/named/include/named/globals.h
EXTERN const char * ns_g_username INIT(NULL); EXTERN const char * ns_g_username INIT(NULL);
Index: contrib/nanny/nanny.pl Index: contrib/nanny/nanny.pl
=================================================================== ===================================================================
--- contrib/nanny/nanny.pl.orig --- contrib/nanny/nanny.pl.orig 2013-07-17 00:13:06.000000000 +0200
+++ contrib/nanny/nanny.pl +++ contrib/nanny/nanny.pl 2013-08-05 14:14:28.153275387 +0200
@@ -19,7 +19,7 @@ @@ -19,7 +19,7 @@
# A simple nanny to make sure named stays running. # A simple nanny to make sure named stays running.

View File

@ -1,8 +1,8 @@
Index: bin/Makefile.in Index: bin/Makefile.in
=================================================================== ===================================================================
--- bin/Makefile.in.orig --- bin/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/Makefile.in +++ bin/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -23,4 +23,8 @@ SUBDIRS = named rndc dig dnssec tests to @@ -23,4 +23,8 @@
check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@ check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
TARGETS = TARGETS =
@ -13,9 +13,9 @@ Index: bin/Makefile.in
+LDFLAGS += -pie +LDFLAGS += -pie
Index: bin/dig/Makefile.in Index: bin/dig/Makefile.in
=================================================================== ===================================================================
--- bin/dig/Makefile.in.orig --- bin/dig/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/dig/Makefile.in +++ bin/dig/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -67,8 +67,12 @@ HTMLPAGES = dig.html host.html nslookup. @@ -69,8 +69,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -30,9 +30,9 @@ Index: bin/dig/Makefile.in
${FINALBUILDCMD} ${FINALBUILDCMD}
Index: bin/dnssec/Makefile.in Index: bin/dnssec/Makefile.in
=================================================================== ===================================================================
--- bin/dnssec/Makefile.in.orig --- bin/dnssec/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/dnssec/Makefile.in +++ bin/dnssec/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -64,8 +64,12 @@ HTMLPAGES = dnssec-dsfromkey.html dnssec @@ -64,8 +64,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -47,9 +47,9 @@ Index: bin/dnssec/Makefile.in
${FINALBUILDCMD} ${FINALBUILDCMD}
Index: bin/nsupdate/Makefile.in Index: bin/nsupdate/Makefile.in
=================================================================== ===================================================================
--- bin/nsupdate/Makefile.in.orig --- bin/nsupdate/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/nsupdate/Makefile.in +++ bin/nsupdate/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -64,8 +64,12 @@ HTMLPAGES = nsupdate.html @@ -66,8 +66,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -64,9 +64,9 @@ Index: bin/nsupdate/Makefile.in
-DSESSION_KEYFILE=\"${localstatedir}/run/named/session.key\" \ -DSESSION_KEYFILE=\"${localstatedir}/run/named/session.key\" \
Index: bin/rndc/Makefile.in Index: bin/rndc/Makefile.in
=================================================================== ===================================================================
--- bin/rndc/Makefile.in.orig --- bin/rndc/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/rndc/Makefile.in +++ bin/rndc/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -59,8 +59,12 @@ HTMLPAGES = rndc.html rndc.conf.html @@ -59,8 +59,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -81,9 +81,9 @@ Index: bin/rndc/Makefile.in
-DVERSION=\"${VERSION}\" \ -DVERSION=\"${VERSION}\" \
Index: bin/check/Makefile.in Index: bin/check/Makefile.in
=================================================================== ===================================================================
--- bin/check/Makefile.in.orig --- bin/check/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/check/Makefile.in +++ bin/check/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -57,8 +57,12 @@ HTMLPAGES = named-checkconf.html named-c @@ -57,8 +57,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -98,9 +98,9 @@ Index: bin/check/Makefile.in
-DVERSION=\"${VERSION}\" \ -DVERSION=\"${VERSION}\" \
Index: bin/named/Makefile.in Index: bin/named/Makefile.in
=================================================================== ===================================================================
--- bin/named/Makefile.in.orig --- bin/named/Makefile.in.orig 2013-08-05 14:14:27.313264836 +0200
+++ bin/named/Makefile.in +++ bin/named/Makefile.in 2013-08-05 14:14:38.988411490 +0200
@@ -109,8 +109,12 @@ HTMLPAGES = named.html lwresd.html named @@ -115,8 +115,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -115,9 +115,9 @@ Index: bin/named/Makefile.in
-DVERSION=\"${VERSION}\" \ -DVERSION=\"${VERSION}\" \
Index: bin/named/unix/Makefile.in Index: bin/named/unix/Makefile.in
=================================================================== ===================================================================
--- bin/named/unix/Makefile.in.orig --- bin/named/unix/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/named/unix/Makefile.in +++ bin/named/unix/Makefile.in 2013-08-05 14:14:38.989411502 +0200
@@ -34,4 +34,6 @@ SRCS = os.c dlz_dlopen_driver.c @@ -34,4 +34,6 @@
TARGETS = ${OBJS} TARGETS = ${OBJS}
@ -126,9 +126,9 @@ Index: bin/named/unix/Makefile.in
@BIND9_MAKE_RULES@ @BIND9_MAKE_RULES@
Index: bin/confgen/Makefile.in Index: bin/confgen/Makefile.in
=================================================================== ===================================================================
--- bin/confgen/Makefile.in.orig --- bin/confgen/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/confgen/Makefile.in +++ bin/confgen/Makefile.in 2013-08-05 14:14:38.989411502 +0200
@@ -64,8 +64,12 @@ MANOBJS = ${MANPAGES} ${HTMLPAGES} @@ -64,8 +64,12 @@
UOBJS = unix/os.@O@ UOBJS = unix/os.@O@

File diff suppressed because it is too large Load Diff