security fix bnc#558260

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=15
2009-11-25 08:58:14 +00:00 · 2009-11-25 08:58:14 +00:00 · 697efdaae1
commit 697efdaae1
parent 4eb14b4e9b
4 changed files with 16 additions and 5 deletions
--- a/bind-9.6.1P1.tar.gz
+++ b/bind-9.6.1P1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a7150cd712efbc40611d88ea1ba72a85bd7ceb4aa86edfdd98d9ad8a0dd30515
-size 6609714
--- a/bind-9.6.1P2.tar.gz
+++ b/bind-9.6.1P2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:094ff51bd0f4eec62a3410b82ffe31c273590bac042a3bd817a67f5b88bbfc24
+size 6699115
--- a/bind.changes
+++ b/bind.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Nov 25 09:44:13 CET 2009 - ug@suse.de
+
+- Security fix
+  When validating, track whether pending data was from
+  the additional section or not and only return it if
+  validates as secure. [RT #20438]
+  CVE-2009-4022
+  bnc#558260
+- update from P1 to P2
+
 -------------------------------------------------------------------
 Fri Nov 20 10:08:50 CET 2009 - ug@suse.de

--- a/bind.spec
+++ b/bind.spec
@ -20,11 +20,11 @@

 Name:           bind
 %define pkg_name bind
-%define pkg_vers 9.6.1P1
+%define pkg_vers 9.6.1P2
 #BuildRequires:  openldap2 openldap2-devel
 BuildRequires:  libcap libcap-devel libmysqlclient-devel libxml2-devel openssl openssl-devel
 Summary:        Domain Name System (DNS) Server (named)
-Version:        9.6.1P1
+Version:        9.6.1P2
 Release:        5
 %define       SDB_LDAP_VERSION      1.0-beta
 License:        BSD 3-clause (or similar) ; MIT License (or similar)