pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net Fix CVE-2008-0122 for libbind (as contained in bin...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ba7f625c0d97
branches:  trunk
changeset: 542276:ba7f625c0d97
user:      tonnerre <tonnerre%pkgsrc.org@localhost>
date:      Sun May 11 00:00:57 2008 +0000

description:
Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced boundary
check can be abused for implementation specific exploitation: depending on
the use of libbind, this can result in denial of service or even remote
code execution.

diffstat:

 net/bind8/Makefile         |   3 ++-
 net/bind8/distinfo         |   3 ++-
 net/bind8/patches/patch-ao |  16 ++++++++++++++++
 net/bind9/Makefile         |   4 ++--
 net/bind9/distinfo         |   3 ++-
 net/bind9/patches/patch-ap |  16 ++++++++++++++++
 6 files changed, 40 insertions(+), 5 deletions(-)

diffs (95 lines):

diff -r 27fc62139f24 -r ba7f625c0d97 net/bind8/Makefile
--- a/net/bind8/Makefile        Sat May 10 17:16:22 2008 +0000
+++ b/net/bind8/Makefile        Sun May 11 00:00:57 2008 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.39 2007/11/17 12:04:13 rillig Exp $
+# $NetBSD: Makefile,v 1.40 2008/05/11 00:00:57 tonnerre Exp $
 
 DISTNAME=      bind-${BIND_VERSION}
 PKGNAME=       ${DISTNAME}pl1
+PKGREVISION=   1
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.isc.org/isc/bind8/src/${BIND_VERSION}/
 DISTFILES=     bind-src.tar.gz bind-doc.tar.gz
diff -r 27fc62139f24 -r ba7f625c0d97 net/bind8/distinfo
--- a/net/bind8/distinfo        Sat May 10 17:16:22 2008 +0000
+++ b/net/bind8/distinfo        Sun May 11 00:00:57 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2007/09/10 19:05:01 adrianp Exp $
+$NetBSD: distinfo,v 1.22 2008/05/11 00:00:57 tonnerre Exp $
 
 SHA1 (bind/8.4.7/8.4.7-p1.patch) = 21ace372a55ff10166c3aaefb9ca25889b8e9c99
 RMD160 (bind/8.4.7/8.4.7-p1.patch) = 09787da6ebf107f680963ead6b9998f734244951
@@ -22,3 +22,4 @@
 SHA1 (patch-al) = f03b3b5480d9294673cdb86cf0f45f48ce9ea895
 SHA1 (patch-am) = 7acd974e10388dba0dcb44c28f2f03e18b7a1c28
 SHA1 (patch-an) = 41b63a50756d9f73152fc8a48dbf93657064e90f
+SHA1 (patch-ao) = 85ee16824e849ad227e04dbf71808446769438af
diff -r 27fc62139f24 -r ba7f625c0d97 net/bind8/patches/patch-ao
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/bind8/patches/patch-ao        Sun May 11 00:00:57 2008 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ao,v 1.1 2008/05/11 00:00:57 tonnerre Exp $
+
+--- src/lib/inet/inet_network.c.orig   2004-03-17 01:20:24.000000000 +0100
++++ src/lib/inet/inet_network.c
+@@ -84,9 +84,9 @@ again:
+       }
+       if (!digit)
+               return (INADDR_NONE);
++      if (pp >= parts + 4 || val > 0xffU)
++              return (INADDR_NONE);
+       if (*cp == '.') {
+-              if (pp >= parts + 4 || val > 0xffU)
+-                      return (INADDR_NONE);
+               *pp++ = val, cp++;
+               goto again;
+       }
diff -r 27fc62139f24 -r ba7f625c0d97 net/bind9/Makefile
--- a/net/bind9/Makefile        Sat May 10 17:16:22 2008 +0000
+++ b/net/bind9/Makefile        Sun May 11 00:00:57 2008 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.96 2008/04/12 22:43:08 jlam Exp $
+# $NetBSD: Makefile,v 1.97 2008/05/11 00:00:59 tonnerre Exp $
 
 DISTNAME=      bind-${BIND_VERSION}
 PKGNAME=       ${DISTNAME:S/-P1/pl1/}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
 
diff -r 27fc62139f24 -r ba7f625c0d97 net/bind9/distinfo
--- a/net/bind9/distinfo        Sat May 10 17:16:22 2008 +0000
+++ b/net/bind9/distinfo        Sun May 11 00:00:57 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.34 2007/08/08 18:32:46 reed Exp $
+$NetBSD: distinfo,v 1.35 2008/05/11 00:00:59 tonnerre Exp $
 
 SHA1 (bind-9.4.1-P1.tar.gz) = c65bfd3d6ff1dd78b678fe350e323bfb6d47fe1b
 RMD160 (bind-9.4.1-P1.tar.gz) = ced75a96098d78a7fdd8cc1d1e3daf2ad142ee9f
@@ -14,3 +14,4 @@
 SHA1 (patch-am) = bb267f13dbd30d492f4dfcf9c278b941efa97bed
 SHA1 (patch-an) = 6ec6ede602292ef2eaf5f0891e97576218bd8c3e
 SHA1 (patch-ao) = 9a1ed7b37befdd8e29d233fe55cd62362df3c50e
+SHA1 (patch-ap) = 800486318acbaae22d04ac6e2b7ccddd150fde90
diff -r 27fc62139f24 -r ba7f625c0d97 net/bind9/patches/patch-ap
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/bind9/patches/patch-ap        Sun May 11 00:00:57 2008 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ap,v 1.3 2008/05/11 00:00:59 tonnerre Exp $
+
+--- lib/bind/inet/inet_network.c.orig  2005-04-27 07:00:54.000000000 +0200
++++ lib/bind/inet/inet_network.c
+@@ -84,9 +84,9 @@ again:
+       }
+       if (!digit)
+               return (INADDR_NONE);
++      if (pp >= parts + 4 || val > 0xffU)
++              return (INADDR_NONE);
+       if (*cp == '.') {
+-              if (pp >= parts + 4 || val > 0xffU)
+-                      return (INADDR_NONE);
+               *pp++ = val, cp++;
+               goto again;
+       }



Home | Main Index | Thread Index | Old Index