pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2012Q1]: pkgsrc/net/bind96 Pullup ticket #3765 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/51428433881d
branches: pkgsrc-2012Q1
changeset: 602072:51428433881d
user: tron <tron%pkgsrc.org@localhost>
date: Thu May 03 19:15:50 2012 +0000
description:
Pullup ticket #3765 - requested by taca
net/bind96: security patch
Revisions pulled up:
- net/bind96/Makefile 1.24
- net/bind96/distinfo 1.16
- net/bind96/patches/patch-lib_dns_resolver.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 1 02:49:27 UTC 2012
Modified Files:
pkgsrc/net/bind96: Makefile distinfo
Added Files:
pkgsrc/net/bind96/patches: patch-lib_dns_resolver.c
Log Message:
Add fix to a race condition in the resolver code that can cause a recursive
nameserver: <https://kb.isc.org/article/AA-00664>.
Bump PKGREVISION.
diffstat:
net/bind96/Makefile | 3 +-
net/bind96/distinfo | 3 +-
net/bind96/patches/patch-lib_dns_resolver.c | 34 +++++++++++++++++++++++++++++
3 files changed, 38 insertions(+), 2 deletions(-)
diffs (65 lines):
diff -r 4ddcf271c6c8 -r 51428433881d net/bind96/Makefile
--- a/net/bind96/Makefile Thu May 03 18:32:02 2012 +0000
+++ b/net/bind96/Makefile Thu May 03 19:15:50 2012 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2012/04/05 00:41:10 taca Exp $
+# $NetBSD: Makefile,v 1.23.2.1 2012/05/03 19:15:50 tron Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-ESV/.3.1.ESV/:S/-R/./:S/-P/pl/}
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \
http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/
diff -r 4ddcf271c6c8 -r 51428433881d net/bind96/distinfo
--- a/net/bind96/distinfo Thu May 03 18:32:02 2012 +0000
+++ b/net/bind96/distinfo Thu May 03 19:15:50 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2012/04/05 00:41:10 taca Exp $
+$NetBSD: distinfo,v 1.15.2.1 2012/05/03 19:15:50 tron Exp $
SHA1 (bind-9.6-ESV-R6.tar.gz) = 8818ba00a7503e757d9d34053b2f16beac0d0f5e
RMD160 (bind-9.6-ESV-R6.tar.gz) = 239d70e1bc1d7e16a42d36938de8aa3ffbab0b64
@@ -8,3 +8,4 @@
SHA1 (patch-ad) = 3fcfac007f7823d48573459e57810f442c5b7d2f
SHA1 (patch-ag) = ffc547b444f01f51a12a01cfa884916a9a411a88
SHA1 (patch-am) = a52d847354cd83b2474d5420925925e4614c966f
+SHA1 (patch-lib_dns_resolver.c) = e9b7460c15df6b942b9987aeb4d223f48dec712d
diff -r 4ddcf271c6c8 -r 51428433881d net/bind96/patches/patch-lib_dns_resolver.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/bind96/patches/patch-lib_dns_resolver.c Thu May 03 19:15:50 2012 +0000
@@ -0,0 +1,34 @@
+$NetBSD: patch-lib_dns_resolver.c,v 1.1.2.2 2012/05/03 19:15:51 tron Exp $
+
+Prevent segmentation fault in resolver.c: https://kb.isc.org/article/AA-00664
+
+--- lib/dns/resolver.c.orig 2012-03-26 16:14:28.000000000 +0000
++++ lib/dns/resolver.c
+@@ -2156,7 +2156,6 @@ fctx_finddone(isc_task_t *task, isc_even
+ isc_boolean_t want_try = ISC_FALSE;
+ isc_boolean_t want_done = ISC_FALSE;
+ isc_boolean_t bucket_empty = ISC_FALSE;
+- isc_boolean_t destroy = ISC_FALSE;
+ unsigned int bucketnum;
+
+ find = event->ev_sender;
+@@ -2195,17 +2194,12 @@ fctx_finddone(isc_task_t *task, isc_even
+ }
+ } else if (SHUTTINGDOWN(fctx) && fctx->pending == 0 &&
+ fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
+- /*
+- * Note that we had to wait until we had the lock before
+- * looking at fctx->references.
+- */
++
+ if (fctx->references == 0)
+- destroy = ISC_TRUE;
++ bucket_empty = fctx_destroy(fctx);
+ }
+ UNLOCK(&res->buckets[bucketnum].lock);
+
+- if (destroy)
+- bucket_empty = fctx_destroy(fctx);
+ isc_event_free(&event);
+ dns_adb_destroyfind(&find);
+
Home |
Main Index |
Thread Index |
Old Index