diff --git a/bind-9.10.2-P2.tar.gz b/bind-9.10.2-P2.tar.gz deleted file mode 100644 index dc1ea88..0000000 --- a/bind-9.10.2-P2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b1e6f0af88634aaf48fb9d06bbf82968264f49b8e2685f061dd3fd4c1ab76c5f -size 8469608 diff --git a/bind-9.10.2-P2.tar.gz.asc b/bind-9.10.2-P2.tar.gz.asc deleted file mode 100644 index 2bba1cf..0000000 --- a/bind-9.10.2-P2.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (NetBSD) - -iQEcBAABAgAGBQJViUjjAAoJEG+m68mRGkwCiNkH/3bVmB4iAOCK6wXU+K4OmQ/h -IbOIMwCqkhbuBguDnw8sO9IiKfOEuQUbW2DrBJUiDPEROnW9xe2G7AppfpVEpMuV -ORJOgW4z5UwF3pwONbO7f9bSJzSYbbvDM/QMVjyaQoq2yjd9QEsVYE385C6vZ6y3 -JXWMzO2Y+XgZgeGNJItQFSaJf4IwCb3Cj+BwpZwyU9rVsTX50YkW/D4yQxKkH7r6 -pmHb3iZuytcM60A+cxsMraCAnui9Yn9mDSoozaE2W+ohisF4ifQLqsHwhYYW5VrG -I3/ujBBPj3VokaLs/l/GBTFYBVm/RitDgily6p8rCvbiIKA6bZOTsKhVgaflVwE= -=Gq06 ------END PGP SIGNATURE----- diff --git a/bind-9.10.2-P3.tar.gz b/bind-9.10.2-P3.tar.gz new file mode 100644 index 0000000..91866c1 --- /dev/null +++ b/bind-9.10.2-P3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:78079a66dda455ffecfe93ef72d1ffc947f17b1c453d55ec06b860b49a5e1d4a +size 8469831 diff --git a/bind-9.10.2-P3.tar.gz.asc b/bind-9.10.2-P3.tar.gz.asc new file mode 100644 index 0000000..5d4141e --- /dev/null +++ b/bind-9.10.2-P3.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Comment: GPGTools - http://gpgtools.org + +iQEcBAABAgAGBQJVrSxkAAoJEG+m68mRGkwC/MgIAJajjc2WhbJ+MKtLB0JughkZ +YLykCptyAz5YD4Uit5GWEkTqJbTqap7scfLCQiqQHYfUBfHwZ3BYtw6HHmeGZmjC +oivNB6zHKVKAc9YDWkVDMbc9zXFxApKsdyU5YKs5vEW9ByxyMtaCTzU4+nRnDRLJ +pwlACuHeSKmMel3n4Wa/5ECPgiUEdi+nFXMq/O70yCzB4WDD6YVP9MsFYlXfvxiv +EdJ2Zr9m53VNOJOKmC7ipGca48CYcdM67rW+/XnMCHqZT9gZcfdUGO9l4qzodAUx +Hd6wj9kSMVe3hJ7bz/Z/Da+Jlsu8seu9aqaQUkJq28TY5wS7JjauK2c1MhTKcKo= +=9qke +-----END PGP SIGNATURE----- diff --git a/bind.changes b/bind.changes index 04ce00d..41ab068 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,38 @@ +------------------------------------------------------------------- +Wed Jul 29 19:24:40 UTC 2015 - lmuelle@suse.com + +- Update to version 9.10.2-P3 + Security Fixes + * A specially crafted query could trigger an assertion failure in message.c. + This flaw was discovered by Jonathan Foote, and is disclosed in + CVE-2015-5477. [RT #39795] + * On servers configured to perform DNSSEC validation, an assertion failure + could be triggered on answers from a specially configured server. + This flaw was discovered by Breno Silveira Soares, and is disclosed + in CVE-2015-4620. [RT #39795] + Bug Fixes + * Asynchronous zone loads were not handled correctly when the zone load was + already in progress; this could trigger a crash in zt.c. [RT #37573] + * Several bugs have been fixed in the RPZ implementation: + + Policy zones that did not specifically require recursion could be treated + as if they did; consequently, setting qname-wait-recurse no; was + sometimes ineffective. This has been corrected. In most configurations, + behavioral changes due to this fix will not be noticeable. [RT #39229] + + The server could crash if policy zones were updated (e.g. via + rndc reload or an incoming zone transfer) while RPZ processing + was still ongoing for an active query. [RT #39415] + + On servers with one or more policy zones configured as slaves, if a + policy zone updated during regular operation (rather than at startup) + using a full zone reload, such as via AXFR, a bug could allow the RPZ + summary data to fall out of sync, potentially leading to an assertion + failure in rpz.c when further incremental updates were made to the zone, + such as via IXFR. [RT #39567] + + The server could match a shorter prefix than what was + available in CLIENT-IP policy triggers, and so, an unexpected + action could be taken. This has been corrected. [RT #39481] + + The server could crash if a reload of an RPZ zone was initiated while + another reload of the same zone was already in progress. [RT #39649] + ------------------------------------------------------------------- Fri Jul 10 18:02:41 UTC 2015 - lmuelle@suse.com diff --git a/bind.spec b/bind.spec index 38da6e3..2da9d20 100644 --- a/bind.spec +++ b/bind.spec @@ -18,8 +18,8 @@ Name: bind %define pkg_name bind -%define pkg_vers 9.10.2-P2 -%define rpm_vers 9.10.2P2 +%define pkg_vers 9.10.2-P3 +%define rpm_vers 9.10.2P3 %define idn_vers 1.0 Summary: Domain Name System (DNS) Server (named) License: ISC