diff --git a/bind-9.10.1-P1.tar.gz b/bind-9.10.1-P1.tar.gz new file mode 100644 index 0000000..e4c5158 --- /dev/null +++ b/bind-9.10.1-P1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d +size 8356463 diff --git a/bind-9.10.1-P1.tar.gz.asc b/bind-9.10.1-P1.tar.gz.asc new file mode 100644 index 0000000..c3bb036 --- /dev/null +++ b/bind-9.10.1-P1.tar.gz.asc @@ -0,0 +1,12 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG/MacGPG2 v2.0.17 (Darwin) +Comment: GPGTools - http://gpgtools.org + +iQEcBAABAgAGBQJUbrEDAAoJEEWseFcYnNvFws8H/2I6YJNbUxY4rS6/alBUwIWy +N3oUSb290Szatl1sAUjlZ6SQbIgvKKxPRcp6HwKvhpecc+/Y0EAN43IWrGrndnoX +Fvfutn68I9cWCSFROnlOOlrmSFCs6Xg7OHZJy5mkf5cm9DflXYo3Xp6b1VCk7Z6j +jxuXGn7Uj4a/Ylk1ERV9ELl4qXugPj8J9bN+cjtr6iBl8yxXKwuZiiSDaZZf36w0 +SziClj2G8CA0UOGDu7XxPENJdJZPmS+sopxXWBpU7pL0EojcrFPbGENU9FtzHrjq +oVte/sQlrXfZXjo4op7tTeQH7d7PE6i01p+VJwG9YDtAQ3HA5jovSTBiiEtICfU= +=LVgj +-----END PGP SIGNATURE----- diff --git a/bind-9.10.1.tar.gz b/bind-9.10.1.tar.gz deleted file mode 100644 index 7800b95..0000000 --- a/bind-9.10.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5361eca2b8b6bc0b13904b0f964336a478dfbc165711547f6cc3f8752ac60181 -size 8353313 diff --git a/bind-9.10.1.tar.gz.asc b/bind-9.10.1.tar.gz.asc deleted file mode 100644 index 03acc10..0000000 --- a/bind-9.10.1.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.11 (GNU/Linux) - -iQEcBAABAgAGBQJUIAfBAAoJEEWseFcYnNvFmosIAMQn2vFb2j6iIqop7Fg4cJs5 -0hR1gFdcwkBZELKbLXkpL8qGOYrF9A8Wdjraf8i2iLUwZ1qsWLSL1wMokgamacRT -8VsQnfS6o1CO/uVrB7QysWmcovuAuHNj1d4v2M6CIGnbuUneQ6sQf28u6TWG6ENW -RtKUcz418WwghvQlBmoi2BVxluR+/15im87eUMsNajWRtNPLZJc2KvFnKHiZFvTU -36ffiAUC3nL/+61pHz7JvxzpJtgjyGtgSF16unPXAI1Oyg7lZOw0+cNUOnzclYy/ -UGw83PwxxtBjm9WmLPfnUqXPWKNzjCRPAiEDOvyCjEKD+HamDA7YxvV9D82aQW4= -=klq+ ------END PGP SIGNATURE----- diff --git a/bind.changes b/bind.changes index 23f748e..523f071 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Tue Dec 9 21:45:10 UTC 2014 - lmuelle@suse.com + +- Update to version 9.10.1-P1 + - A flaw in delegation handling could be exploited to put named into an + infinite loop. This has been addressed by placing limits on the number of + levels of recursion named will allow (default 7), and the number of + iterative queries that it will send (default 50) before terminating a + recursive query (CVE-2014-8500); (bnc#908994). + The recursion depth limit is configured via the "max-recursion-depth" + option, and the query limit via the "max-recursion-queries" option. + [RT #37580] + - When geoip-directory was reconfigured during named run-time, the + previously loaded GeoIP data could remain, potentially causing wrong ACLs + to be used or wrong results to be served based on geolocation + (CVE-2014-8680). [RT #37720]; (bnc#908995). + - Lookups in GeoIP databases that were not loaded could cause an assertion + failure (CVE-2014-8680). [RT #37679]; (bnc#908995). + - The caching of GeoIP lookups did not always handle address families + correctly, potentially resulting in an assertion failure (CVE-2014-8680). + [RT #37672]; (bnc#908995). + ------------------------------------------------------------------- Sun Dec 7 16:54:03 UTC 2014 - jengelh@inai.de diff --git a/bind.spec b/bind.spec index ecbd919..b774251 100644 --- a/bind.spec +++ b/bind.spec @@ -18,8 +18,8 @@ Name: bind %define pkg_name bind -%define pkg_vers 9.10.1 -%define rpm_vers 9.10.1 +%define pkg_vers 9.10.1-P1 +%define rpm_vers 9.10.1P1 %define idn_vers 1.0 Summary: Domain Name System (DNS) Server (named) License: ISC