pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/net/maradns Fix a Denial-of-Service vulnerability in m...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/a19c4867d74d
branches:  trunk
changeset: 539992:a19c4867d74d
user:      tonnerre <tonnerre%pkgsrc.org@localhost>
date:      Wed Mar 19 22:55:21 2008 +0000

description:
Fix a Denial-of-Service vulnerability in maradns version 1.2.12.06
Crafted CNAME entries can be used to DoS MaraDNS without this patch
See CVE-2008-0061 for more details
Approved-by: wiz

diffstat:

 net/maradns/Makefile         |   3 ++-
 net/maradns/distinfo         |   3 ++-
 net/maradns/patches/patch-am |  34 ++++++++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 2 deletions(-)

diffs (64 lines):

diff -r 0b9a17be91b3 -r a19c4867d74d net/maradns/Makefile
--- a/net/maradns/Makefile      Wed Mar 19 22:47:56 2008 +0000
+++ b/net/maradns/Makefile      Wed Mar 19 22:55:21 2008 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2007/08/12 01:14:30 joerg Exp $
+# $NetBSD: Makefile,v 1.20 2008/03/19 22:55:21 tonnerre Exp $
 
 DISTNAME=      maradns-1.2.12.06
+PKGREVISION=   1
 CATEGORIES=    net
 MASTER_SITES=  http://www.maradns.org/download/1.2/${DISTNAME:S/maradns-//}/
 EXTRACT_SUFX=  .tar.bz2
diff -r 0b9a17be91b3 -r a19c4867d74d net/maradns/distinfo
--- a/net/maradns/distinfo      Wed Mar 19 22:47:56 2008 +0000
+++ b/net/maradns/distinfo      Wed Mar 19 22:55:21 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2007/08/12 01:14:30 joerg Exp $
+$NetBSD: distinfo,v 1.10 2008/03/19 22:55:21 tonnerre Exp $
 
 SHA1 (maradns-1.2.12.06.tar.bz2) = bb94f2bcb612fe6c8f47ef6721051a57840a386e
 RMD160 (maradns-1.2.12.06.tar.bz2) = 8c88fd87bff54c0121348e19a5255869622228a6
@@ -12,3 +12,4 @@
 SHA1 (patch-aj) = b8c98de240712dad2f396e25bee6b6564a0a6e5e
 SHA1 (patch-ak) = f7fe72709a91a74dd6ff841f7155da0bd665162e
 SHA1 (patch-al) = 72faa0c34b44fffb49a079e958816692f6c90c5f
+SHA1 (patch-am) = 725e408c7d395d65fe4adc0d3d7e018c2c6a6c17
diff -r 0b9a17be91b3 -r a19c4867d74d net/maradns/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/maradns/patches/patch-am      Wed Mar 19 22:55:21 2008 +0000
@@ -0,0 +1,34 @@
+$NetBSD: patch-am,v 1.1 2008/03/19 22:55:21 tonnerre Exp $
+
+--- server/MaraDNS.c.orig      2007-05-17 06:01:44.000000000 +0200
++++ server/MaraDNS.c
+@@ -636,7 +636,8 @@ int udpsuccess(rr *where, int id, int so
+                is buggy if we round-robin rotate data when we allow more than
+                one additional record to be create per answer/authoritative
+                record.  */
+-            if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_last != 0) {
++            if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_last != 0
++              && first_rr_type != RR_NS) {
+                 /* If it makes sense to do a round-robin rotation, do so.
+                * Make rotate_1st, which was the first record, the last
+                * record; make rotate_2nd, which was the second record,
+@@ -900,7 +901,8 @@ int udpsuccess(rr *where, int id, int so
+         rotate_last = where;
+         where = where->next;
+         /* If it makes sense to do a round-robin rotation, do so */
+-        if(where == 0 && rotate_2nd != 0 && max_ar_chain == 1) {
++        if(where == 0 && rotate_2nd != 0 && max_ar_chain == 1
++          && first_rr_type != RR_NS) {
+             /* For records in the cache, we need to make sure that
+                the custodian properly points to the first record
+                in the chain or we will leak memory */
+@@ -1113,7 +1115,8 @@ int add_answer(rr *where,js_string *most
+                is buggy if we round-robin rotate data when we allow more than
+                one additional record to be create per answer/authoritative
+                record.  */
+-            if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_done == 0) {
++            if(rotate_2nd != 0 && max_ar_chain == 1 && rotate_done == 0
++              && first_rr_type != RR_NS) {
+                 rotate_done = 1;
+                 /* If it makes sense to do a round-robin rotation */
+                 rotate_1st->next = where;
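
Review bot: The new `&& first_rr_type != RR_NS` guard is added to all three rotation tests (twice in udpsuccess, once in add_answer) without any comment explaining why chains that start with an NS record must not be round-robin rotated. The surrounding comments only cover the max_ar_chain case, and the commit message describes the trigger as crafted CNAME entries, so the link between the CVE and an NS check cannot be read from the code. Please add a short comment at each guard, and a description line under the $NetBSD$ tag in patch-am that cites CVE-2008-0061 and says whether the change was taken from upstream. None of the hunks show where first_rr_type is assigned, so it is also worth confirming that it is set on every path that reaches these tests in both functions; if it is not, the guard reads a stale or uninitialised value. Since the same four-term condition is now repeated three times, a small helper or macro for "rotation is allowed" would keep the sites from drifting apart in later updates.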


