- Named could die on specially crafted record.

[RT #30416] (bnc#780157) CVE-2012-4244
- 9.9.1-P3
- updated dnszone-schema.txt from upstream.

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=96
This commit is contained in:
Marcus Meissner 2012-09-15 16:23:25 +00:00 committed by Git OBS Bridge
parent 9d3afd5a9e
commit a16486cc98
5 changed files with 33 additions and 65 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a46ecf6177b69d6e9a83a15f792d0594adcc8e800086208dd9b84452afb84d0e
size 7223896

3
bind-9.9.1-P3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1cdb83db76d6f8554dea19e3bd82b8d65261a24b9ce9fc948eade8c57569e302
size 7217415

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Sat Sep 15 16:20:32 UTC 2012 - meissner@suse.com
- Named could die on specially crafted record.
[RT #30416] (bnc#780157) CVE-2012-4244
- 9.9.1-P3
- updated dnszone-schema.txt from upstream.
-------------------------------------------------------------------
Thu Jul 26 11:08:11 CEST 2012 - ug@suse.de

View File

@ -18,7 +18,7 @@
Name: bind
%define pkg_name bind
%define pkg_vers 9.9.1-P2
%define pkg_vers 9.9.1-P3
BuildRequires: krb5-devel
BuildRequires: libcap
BuildRequires: libcap-devel
@ -32,7 +32,7 @@ BuildRequires: update-desktop-files
Summary: Domain Name System (DNS) Server (named)
License: ISC
Group: Productivity/Networking/DNS/Servers
Version: 9.9.1P2
Version: 9.9.1P3
Release: 0
Provides: bind8
Provides: bind9

View File

@ -1,12 +1,8 @@
# A schema for storing DNS zones in LDAP
#
# ORDERING is not necessary, and some servers don't support
# integerOrderingMatch. Omit or change if you like
attributetype ( 1.3.6.1.4.1.2428.20.0.0 NAME 'dNSTTL'
DESC 'An integer denoting time to live'
EQUALITY integerMatch
ORDERING integerOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
attributetype ( 1.3.6.1.4.1.2428.20.0.1 NAME 'dNSClass'
@ -14,8 +10,14 @@ attributetype ( 1.3.6.1.4.1.2428.20.0.1 NAME 'dNSClass'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.11 NAME 'wKSRecord'
DESC 'a well known service description, RFC 1035'
attributetype ( 1.3.6.1.4.1.2428.20.0.2 NAME 'zoneName'
DESC 'The name of a zone, i.e. the name of the highest node in the zone'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.0.3 NAME 'relativeDomainName'
DESC 'The starting labels of a domain name'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
@ -44,12 +46,6 @@ attributetype ( 1.3.6.1.4.1.2428.20.1.16 NAME 'tXTRecord'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.17 NAME 'rPRecord'
DESC 'for Responsible Person, RFC 1183'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.18 NAME 'aFSDBRecord'
DESC 'for AFS Data Base location, RFC 1183'
EQUALITY caseIgnoreIA5Match
@ -68,12 +64,6 @@ attributetype ( 1.3.6.1.4.1.2428.20.1.25 NAME 'KeyRecord'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.27 NAME 'gPosRecord'
DESC 'Geographical Position, RFC 1712'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.28 NAME 'aAAARecord'
DESC 'IPv6 address, RFC 1886'
EQUALITY caseIgnoreIA5Match
@ -128,12 +118,6 @@ attributetype ( 1.3.6.1.4.1.2428.20.1.39 NAME 'dNameRecord'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.42 NAME 'aPLRecord'
DESC 'Lists of Address Prefixes, RFC 3123'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.43 NAME 'dSRecord'
DESC 'Delegation Signer, RFC 3658'
EQUALITY caseIgnoreIA5Match
@ -141,13 +125,7 @@ attributetype ( 1.3.6.1.4.1.2428.20.1.43 NAME 'dSRecord'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.44 NAME 'sSHFPRecord'
DESC 'SSH Key Fingerprint, RFC 4255'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.45 NAME 'iPSecKeyRecord'
DESC 'SSH Key Fingerprint, RFC 4025'
DESC 'SSH Key Fingerprint, draft-ietf-secsh-dns-05.txt'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
@ -164,32 +142,14 @@ attributetype ( 1.3.6.1.4.1.2428.20.1.47 NAME 'nSECRecord'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.48 NAME 'dNSKeyRecord'
DESC 'DNSKEY, RFC 3755'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.49 NAME 'dHCIDRecord'
DESC 'DHCID, RFC 4701'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.99 NAME 'sPFRecord'
DESC 'Sender Policy Framework, RFC 4408'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
objectclass ( 1.3.6.1.4.1.2428.20.2 NAME 'dNSDomain2'
SUP 'dNSDomain' STRUCTURAL
MAY ( DNSTTL $ DNSClass $ WKSRecord $ PTRRecord $
HINFORecord $ MINFORecord $ TXTRecord $ RPRecord $
AFSDBRecord $ SIGRecord $ KEYRecord $ GPOSRecord $
AAAARecord $ LOCRecord $ NXTRecord $ SRVRecord $
NAPTRRecord $ KXRecord $ CERTRecord $ A6Record $
DNAMERecord $ APLRecord $ DSRecord $ SSHFPRecord $
IPSECKEYRecord $ RRSIGRecord $ NSECRecord $
DNSKEYRecord $ DHCIDRecord $ SPFRecord
) )
objectclass ( 1.3.6.1.4.1.2428.20.3 NAME 'dNSZone'
SUP top STRUCTURAL
MUST ( zoneName $ relativeDomainName )
MAY ( DNSTTL $ DNSClass $
ARecord $ MDRecord $ MXRecord $ NSRecord $
SOARecord $ CNAMERecord $ PTRRecord $ HINFORecord $
MINFORecord $ TXTRecord $ AFSDBRecord $ SIGRecord $
KEYRecord $ AAAARecord $ LOCRecord $ NXTRecord $
SRVRecord $ NAPTRRecord $ KXRecord $ CERTRecord $
A6Record $ DNAMERecord $ DSRecord $ SSHFPRecord $
RRSIGRecord $ NSECRecord ) )