Accepting request 568772 from network
OBS-URL: https://build.opensuse.org/request/show/568772 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=130
This commit is contained in:
commit
f9e528bffa
138
bind-CVE-2017-3145.patch
Normal file
138
bind-CVE-2017-3145.patch
Normal file
@ -0,0 +1,138 @@
|
|||||||
|
diff --git a/CHANGES b/CHANGES
|
||||||
|
index 5aa5053..32f920d 100644
|
||||||
|
--- a/CHANGES
|
||||||
|
+++ b/CHANGES
|
||||||
|
@@ -1,3 +1,9 @@
|
||||||
|
+ --- 9.11.2-P1 released ---
|
||||||
|
+
|
||||||
|
+4858. [security] Addresses could be referenced after being freed
|
||||||
|
+ in resolver.c, causing an assertion failure.
|
||||||
|
+ (CVE-2017-3145) [RT #46839]
|
||||||
|
+
|
||||||
|
--- 9.11.2 released ---
|
||||||
|
|
||||||
|
--- 9.11.2rc2 released ---
|
||||||
|
diff --git a/lib/dns/api b/lib/dns/api
|
||||||
|
index 711bfd8..eadd740 100644
|
||||||
|
--- a/lib/dns/api
|
||||||
|
+++ b/lib/dns/api
|
||||||
|
@@ -9,5 +9,5 @@
|
||||||
|
# 9.11: 160-169
|
||||||
|
# 9.12: 1200-1299
|
||||||
|
LIBINTERFACE = 169
|
||||||
|
-LIBREVISION = 1
|
||||||
|
+LIBREVISION = 2
|
||||||
|
LIBAGE = 0
|
||||||
|
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
|
||||||
|
index 8eb1d97..eb1ebcf 100644
|
||||||
|
--- a/lib/dns/resolver.c
|
||||||
|
+++ b/lib/dns/resolver.c
|
||||||
|
@@ -831,7 +831,7 @@ fctx_stoptimer(fetchctx_t *fctx) {
|
||||||
|
* cannot fail in that case.
|
||||||
|
*/
|
||||||
|
result = isc_timer_reset(fctx->timer, isc_timertype_inactive,
|
||||||
|
- NULL, NULL, ISC_TRUE);
|
||||||
|
+ NULL, NULL, ISC_TRUE);
|
||||||
|
if (result != ISC_R_SUCCESS) {
|
||||||
|
UNEXPECTED_ERROR(__FILE__, __LINE__,
|
||||||
|
"isc_timer_reset(): %s",
|
||||||
|
@@ -839,7 +839,6 @@ fctx_stoptimer(fetchctx_t *fctx) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-
|
||||||
|
static inline isc_result_t
|
||||||
|
fctx_startidletimer(fetchctx_t *fctx, isc_interval_t *interval) {
|
||||||
|
/*
|
||||||
|
@@ -1116,7 +1115,8 @@ fctx_cleanupfinds(fetchctx_t *fctx) {
|
||||||
|
|
||||||
|
for (find = ISC_LIST_HEAD(fctx->finds);
|
||||||
|
find != NULL;
|
||||||
|
- find = next_find) {
|
||||||
|
+ find = next_find)
|
||||||
|
+ {
|
||||||
|
next_find = ISC_LIST_NEXT(find, publink);
|
||||||
|
ISC_LIST_UNLINK(fctx->finds, find, publink);
|
||||||
|
dns_adb_destroyfind(&find);
|
||||||
|
@@ -1132,7 +1132,8 @@ fctx_cleanupaltfinds(fetchctx_t *fctx) {
|
||||||
|
|
||||||
|
for (find = ISC_LIST_HEAD(fctx->altfinds);
|
||||||
|
find != NULL;
|
||||||
|
- find = next_find) {
|
||||||
|
+ find = next_find)
|
||||||
|
+ {
|
||||||
|
next_find = ISC_LIST_NEXT(find, publink);
|
||||||
|
ISC_LIST_UNLINK(fctx->altfinds, find, publink);
|
||||||
|
dns_adb_destroyfind(&find);
|
||||||
|
@@ -1148,7 +1149,8 @@ fctx_cleanupforwaddrs(fetchctx_t *fctx) {
|
||||||
|
|
||||||
|
for (addr = ISC_LIST_HEAD(fctx->forwaddrs);
|
||||||
|
addr != NULL;
|
||||||
|
- addr = next_addr) {
|
||||||
|
+ addr = next_addr)
|
||||||
|
+ {
|
||||||
|
next_addr = ISC_LIST_NEXT(addr, publink);
|
||||||
|
ISC_LIST_UNLINK(fctx->forwaddrs, addr, publink);
|
||||||
|
dns_adb_freeaddrinfo(fctx->adb, &addr);
|
||||||
|
@@ -1163,7 +1165,8 @@ fctx_cleanupaltaddrs(fetchctx_t *fctx) {
|
||||||
|
|
||||||
|
for (addr = ISC_LIST_HEAD(fctx->altaddrs);
|
||||||
|
addr != NULL;
|
||||||
|
- addr = next_addr) {
|
||||||
|
+ addr = next_addr)
|
||||||
|
+ {
|
||||||
|
next_addr = ISC_LIST_NEXT(addr, publink);
|
||||||
|
ISC_LIST_UNLINK(fctx->altaddrs, addr, publink);
|
||||||
|
dns_adb_freeaddrinfo(fctx->adb, &addr);
|
||||||
|
@@ -1171,16 +1174,20 @@ fctx_cleanupaltaddrs(fetchctx_t *fctx) {
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void
|
||||||
|
-fctx_stopeverything(fetchctx_t *fctx, isc_boolean_t no_response,
|
||||||
|
- isc_boolean_t age_untried)
|
||||||
|
+fctx_stopqueries(fetchctx_t *fctx, isc_boolean_t no_response,
|
||||||
|
+ isc_boolean_t age_untried)
|
||||||
|
{
|
||||||
|
- FCTXTRACE("stopeverything");
|
||||||
|
+ FCTXTRACE("stopqueries");
|
||||||
|
fctx_cancelqueries(fctx, no_response, age_untried);
|
||||||
|
+ fctx_stoptimer(fctx);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static inline void
|
||||||
|
+fctx_cleanupall(fetchctx_t *fctx) {
|
||||||
|
fctx_cleanupfinds(fctx);
|
||||||
|
fctx_cleanupaltfinds(fctx);
|
||||||
|
fctx_cleanupforwaddrs(fctx);
|
||||||
|
fctx_cleanupaltaddrs(fctx);
|
||||||
|
- fctx_stoptimer(fctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
@@ -1431,7 +1438,8 @@ fctx_done(fetchctx_t *fctx, isc_result_t result, int line) {
|
||||||
|
age_untried = ISC_TRUE;
|
||||||
|
|
||||||
|
fctx->reason = NULL;
|
||||||
|
- fctx_stopeverything(fctx, no_response, age_untried);
|
||||||
|
+
|
||||||
|
+ fctx_stopqueries(fctx, no_response, age_untried);
|
||||||
|
|
||||||
|
LOCK(&res->buckets[fctx->bucketnum].lock);
|
||||||
|
|
||||||
|
@@ -4022,11 +4030,12 @@ fctx_doshutdown(isc_task_t *task, isc_event_t *event) {
|
||||||
|
dns_resolver_cancelfetch(fctx->nsfetch);
|
||||||
|
|
||||||
|
/*
|
||||||
|
- * Shut down anything that is still running on behalf of this
|
||||||
|
- * fetch. To avoid deadlock with the ADB, we must do this
|
||||||
|
- * before we lock the bucket lock.
|
||||||
|
+ * Shut down anything still running on behalf of this
|
||||||
|
+ * fetch, and clean up finds and addresses. To avoid deadlock
|
||||||
|
+ * with the ADB, we must do this before we lock the bucket lock.
|
||||||
|
*/
|
||||||
|
- fctx_stopeverything(fctx, ISC_FALSE, ISC_FALSE);
|
||||||
|
+ fctx_stopqueries(fctx, ISC_FALSE, ISC_FALSE);
|
||||||
|
+ fctx_cleanupall(fctx);
|
||||||
|
|
||||||
|
LOCK(&res->buckets[bucketnum].lock);
|
||||||
|
|
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jan 23 21:59:24 UTC 2018 - navin.kukreja@suse.com
|
||||||
|
|
||||||
|
- Apply bind-CVE-2017-3145.patch to fix CVE-2017-3145 (bsc#1076118)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Dec 6 13:35:59 UTC 2017 - vcizek@suse.com
|
Wed Dec 6 13:35:59 UTC 2017 - vcizek@suse.com
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package bind
|
# spec file for package bind
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -72,6 +72,7 @@ Patch4: perl-path.diff
|
|||||||
Patch51: pie_compile.diff
|
Patch51: pie_compile.diff
|
||||||
Patch52: named-bootconf.diff
|
Patch52: named-bootconf.diff
|
||||||
Patch53: bind-sdb-ldap.patch
|
Patch53: bind-sdb-ldap.patch
|
||||||
|
Patch54: bind-CVE-2017-3145.patch
|
||||||
BuildRequires: libcap-devel
|
BuildRequires: libcap-devel
|
||||||
BuildRequires: libmysqlclient-devel
|
BuildRequires: libmysqlclient-devel
|
||||||
BuildRequires: libopenssl-devel
|
BuildRequires: libopenssl-devel
|
||||||
@ -299,6 +300,7 @@ This package provides a module which allows commands to be sent to rndc directly
|
|||||||
%patch51
|
%patch51
|
||||||
%patch52
|
%patch52
|
||||||
%patch53
|
%patch53
|
||||||
|
%patch54 -p1
|
||||||
|
|
||||||
# use the year from source gzip header instead of current one to make reproducible rpms
|
# use the year from source gzip header instead of current one to make reproducible rpms
|
||||||
year=$(perl -e 'sysread(STDIN, $h, 8); print (1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0})
|
year=$(perl -e 'sysread(STDIN, $h, 8); print (1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0})
|
||||||
|
Loading…
Reference in New Issue
Block a user