author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-11-27 16:40:03 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-11-27 16:40:03 +0000 |
commit | 44eba34d9f2db6360109ac83b114c01c403da5c7 (patch) | |
tree | fa2d4d5fa13b9b8fc672db87a4a0dbdd1f372c1a | |
parent | a0ab40adc961047ed4bf36762cb3e5d9f5e8637d (diff) | |
Correct a remote denial-of-service attack in named(8).releng/4.6
Notes
Notes:
svn path=/releng/4.6/; revision=123008
-rw-r--r-- | UPDATING | 3 | ||||
-rw-r--r-- | contrib/bind/Version | 2 | ||||
-rw-r--r-- | contrib/bind/bin/named/ns_resp.c | 12 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 |
4 files changed, 14 insertions, 5 deletions
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20031126: p27 FreeBSD-SA-03:19.bind + Corrected remote denial-of-service vulnerability in named(8). + 20031003: p26 FreeBSD-SA-03:18.openssl Corrected vulnerabilities in OpenSSL ASN.1 parsing. diff --git a/contrib/bind/Version b/contrib/bind/Version index e99a6add5fbb..b4a709b025d3 100644 --- a/contrib/bind/Version +++ b/contrib/bind/Version @@ -1 +1 @@ -8.3.3-REL +8.3.3-REL-p1 diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c index c371fba842af..21c4095b2048 100644 --- a/contrib/bind/bin/named/ns_resp.c +++ b/contrib/bind/bin/named/ns_resp.c @@ -272,7 +272,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) u_int qtype, qclass; int restart; /* flag for processing cname response */ int validanswer, dbflags; - int cname, lastwascname, externalcname; + int cname, lastwascname, externalcname, cachenegative; int count, founddata, foundname; int buflen; int newmsglen; @@ -912,6 +912,7 @@ tcp_retry: cname = 0; lastwascname = 0; externalcname = 0; + cachenegative = 1; strcpy(aname, qname); if (count) { @@ -981,6 +982,7 @@ tcp_retry: name); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } if (type == T_CNAME && @@ -1011,6 +1013,7 @@ tcp_retry: "last was cname, ignoring auth. and add."); db_detach(&dp); validanswer = 0; + cachenegative = 0; break; } if (i < arfirst) { @@ -1026,6 +1029,7 @@ tcp_retry: sin_ntoa(from)); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } else if (!ns_samedomain(name, qp->q_domain)) { @@ -1039,6 +1043,7 @@ tcp_retry: sin_ntoa(from)); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } if (type == T_NS) { 
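Review bot: The new `cachenegative` flag in the ns_resp.c declaration hunk (-272) is added to the `cname, lastwascname, externalcname` list without a comment, although `restart` two lines above carries one and this flag decides whether a negative answer reaches the cache. I would declare it on its own line as `int cachenegative;	/* 0 once any RR in this response was rejected; gates cache_n_resp() */`. The declaration has no initializer and the only assignment to 1 visible on the page is after `tcp_retry:` in the -912 hunk, so the comment is also the place to state that the flag is not valid before that point. ns_resp() starts and ends outside this hunk.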
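Review bot: In the ns_resp.c hunks at -981, -1011, -1026 and -1039 the fix relies on every rejection path setting `cachenegative = 0` next to `validanswer = 0`, and nothing in the code enforces that pairing. Only these four sites are visible here; a path that drops a record without clearing the flag would still let cache_n_resp() store a negative answer taken from a partly rejected response, so any other `validanswer = 0` assignments in ns_resp() are worth checking against this list. A comment at the initialisation in the -912 hunk, for example `cachenegative = 1;	/* cleared wherever an RR below is rejected; keep in step with validanswer */`, would make the invariant visible to whoever adds the next rejection path. The loop these hunks sit in begins and ends outside them, so the pairing rule is inferred from the four visible sites.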
@@ -1231,8 +1236,9 @@ tcp_retry: ) ) { - cache_n_resp(msg, msglen, from, qp->q_name, - qp->q_class, qp->q_type); + if (cachenegative) + cache_n_resp(msg, msglen, from, qp->q_name, + qp->q_class, qp->q_type); if (!qp->q_cmsglen && validanswer) { ns_debug(ns_log_default, 3, diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index ce1e9113c4bf..ad563953bef3 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.6.2" -BRANCH="RELEASE-p26" +BRANCH="RELEASE-p27" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |
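Review bot: In the ns_resp.c hunk at -1231 the new `if (cachenegative)` skips cache_n_resp() silently, so debug output never shows that a negative answer was deliberately left uncached. The rejection sites in the earlier hunks appear to log the individual record, but nothing records the caching decision itself; an `else` branch such as `else ns_debug(ns_log_default, 3, "resp: response had rejected RRs, negative answer not cached");` would give operators that signal when confirming the fix is taking effect. Bracing the `if` would also help, because its body is a call wrapped over two lines. The enclosing condition and the `if (!qp->q_cmsglen && validanswer)` block both continue outside the hunk.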