Accepting request 370068 from network

- Security update 9.10.3-P3: * CVE-2016-1285, bsc#970072: assert failure on input parsing can cause premature exit. * CVE-2016-1286, bsc#970073: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet containing multiple cookie options to cause named to terminate with an assertion failure. OBS-URL: https://build.opensuse.org/request/show/370068 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=114
2016-03-18 20:33:29 +00:00 · 2016-03-18 20:33:29 +00:00 · 7ad85aecdc
commit 7ad85aecdc
parent c470e3f7b2 2d8afe69b8
6 changed files with 29 additions and 16 deletions
--- a/bind-9.10.3-P3.tar.gz
+++ b/bind-9.10.3-P3.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83
-size 8527540
--- a/bind-9.10.3-P3.tar.gz.asc
+++ b/bind-9.10.3-P3.tar.gz.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQEcBAABAgAGBQJWlvHcAAoJEG+m68mRGkwCz8kIALzyviUld+Gtp9jmTtvEhDEx
-W7Cw9Pg7t+hsZucE7lTQ76PA9/znljXgziMH51fBO0SWmrHJvyrBzY7cu92ILWAo
-S7G+JFElMcZ05hJ5u/oijZLznBW31AA1C7wkAyZirFGxrahpkHYIYNfUNCKH6YqZ
-xRARY7/Fk3dwg+/LRi0x4eCXNGWUdHUQwpOaswlE0xtk2H5q76RuZC6w53HNngaq
-lbmVcEqxQ6m0PMqWNgO/4pvyW1+n0CheJ/11sz8SbUmhMH08kYRRGHsFhcsAfUL4
-X6aDPl3mQZrOTmdPc5c+BPWbB2N3xDcbFOqKmzAAEZIIraINs2aNYicbk0yC9OI=
-=BszB
-----END PGP SIGNATURE-----
--- a/bind-9.10.3-P4.tar.gz
+++ b/bind-9.10.3-P4.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2ac044b5fbdf45fb45107af0df961b3b7cb5262a3bf1948ed3fe7a170dd13e3e
+size 8529535
--- a/bind-9.10.3-P4.tar.gz.asc
+++ b/bind-9.10.3-P4.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Comment: GPGTools - http://gpgtools.org
+
+iQEcBAABAgAGBQJW1319AAoJEG+m68mRGkwC5S0H/AuD9XbH5GUvp8qedIT1nJX5
+9ifEodnIMsEqVFQVgAmRZHJp7dehq5gGXiWGn/7MD5WQzcxeRi3fIgrxcl6Gm2ig
+IV14kzK3xHQcdY97qJvSzwk72tBIRKG3M/PnvTaVpMb7Q/gWhVR8qXpbRtwEQ8NX
+mhO7Zut+idK45a48COnvqAMMQBNwjrz6WIYBoP1jvTY7jtM0GXJTmvVlEUxUgT71
+DiFthDL6pk90jjg+nbyvXK8tWEusGzGfDLHpfkZNIjYuoNh8vZbxLza3w6EmSoer
+D5/55C18U4bv4araCpbAh3HN3hMKh/OdjOpmJEBc6Lwj1UoiAZqbv28C7kIGklU=
+=2RyL
+-----END PGP SIGNATURE-----
--- a/bind.changes
+++ b/bind.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri Mar 11 13:56:10 UTC 2016 - max@suse.com
+
+- Security update 9.10.3-P3:
+  * CVE-2016-1285, bsc#970072: assert failure on input parsing can
+    cause premature exit.
+  * CVE-2016-1286, bsc#970073: An error when parsing signature
+    records for DNAME can lead to named exiting due to an assertion
+    failure.
+  * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet
+    containing multiple cookie options to cause named to terminate
+    with an assertion failure.
+
 -------------------------------------------------------------------
 Thu Feb 25 16:10:45 UTC 2016 - bwiedemann@suse.com

--- a/bind.spec
+++ b/bind.spec
@ -18,8 +18,8 @@

 Name:           bind
 %define pkg_name bind
-%define pkg_vers 9.10.3-P3
-%define rpm_vers 9.10.3P3
+%define pkg_vers 9.10.3-P4
+%define rpm_vers 9.10.3P4
 %define idn_vers 1.0
 Summary:        Domain Name System (DNS) Server (named)
 License:        ISC