| author | Adam Tkac <atkac@fedoraproject.org> | 2009-01-08 14:47:03 +0000 |
|---|---|---|
| committer | Adam Tkac <atkac@fedoraproject.org> | 2009-01-08 14:47:03 +0000 |
| commit | 1bf365c285c3b181403b98508e818868345aa4cc (patch) | |
| tree | 937bde514eab2dbede684b40024647a84c1736ce | |
| parent | 49f5f89e437534bfcb1b624f3dc828a900ed1cb6 (diff) | |
- 9.5.1-P1 release (CVE-2009-0025)
- patches merged
- bind95-rh454783.patch
- bind-9.5-recv-race.patch
- bind-9.5-edns.patch
- bind95-rh457175.patch
| -rw-r--r-- | .cvsignore | 2 | ||||
| -rw-r--r-- | bind-9.5-dlz-64bit.patch | 52 | ||||
| -rw-r--r-- | bind-9.5-edns.patch | 21 | ||||
| -rw-r--r-- | bind-9.5-recv-race.patch | 172 | ||||
| -rw-r--r-- | bind.spec | 24 | ||||
| -rw-r--r-- | bind95-rh454783.patch | 50 | ||||
| -rw-r--r-- | bind95-rh457175.patch | 25 | ||||
| -rw-r--r-- | sources | 2 |
8 files changed, 33 insertions, 315 deletions
@@ -1,4 +1,4 @@ bind-chroot.tar.bz2 config-3.tar.bz2 libbind-man.tar.gz -bind-9.5.0-P2.tar.gz +bind-9.5.1-P1.tar.gz diff --git a/bind-9.5-dlz-64bit.patch b/bind-9.5-dlz-64bit.patch index 8e267e7..3e06577 100644 --- a/bind-9.5-dlz-64bit.patch +++ b/bind-9.5-dlz-64bit.patch @@ -1,6 +1,6 @@ -diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/config.dlz.in ---- bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit 2006-06-07 04:21:50.000000000 +0200 -+++ bind-9.5.0a5/contrib/dlz/config.dlz.in 2007-07-23 11:18:54.000000000 +0200 +diff -up bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit bind-9.5.1b1/contrib/dlz/config.dlz.in +--- bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit 2008-06-17 06:03:31.000000000 +0200 ++++ bind-9.5.1b1/contrib/dlz/config.dlz.in 2008-07-11 12:08:43.000000000 +0200 @@ -17,6 +17,13 @@ # dlzdir='${DLZ_DRIVER_DIR}' 
@@ -15,29 +15,19 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c # # Private autoconf macro to simplify configuring drivers: # -@@ -83,7 +90,7 @@ then - if test -f $d/include/libpq-fe.h +@@ -135,9 +142,9 @@ then then - use_dlz_postgres=$d/include -- use_dlz_postgres_lib=$d/lib -+ use_dlz_postgres_lib=$d/${target_lib} - break - fi - done -@@ -151,10 +158,10 @@ case "$use_dlz_mysql" in - *) - DLZ_ADD_DRIVER(MYSQL, dlz_mysql_driver, - [-I$use_dlz_mysql/include/mysql], -- [-L$use_dlz_mysql/lib/mysql -lmysqlclient -lz -lcrypt -lm]) -+ [-L$use_dlz_mysql/${target_lib}/mysql -lmysqlclient -lz -lcrypt -lm]) - - AC_MSG_RESULT( --[using mysql from $use_dlz_mysql/lib/mysql and $use_dlz_mysql/include/mysql]) -+[using mysql from $use_dlz_mysql/${target_lib}/mysql and $use_dlz_mysql/include/mysql]) - ;; - esac - -@@ -232,11 +239,11 @@ case "$use_dlz_bdb" in + use_dlz_mysql=$d + mysql_include=$d/include/mysql +- if test -d $d/lib/mysql ++ if test -d $d/${target_lib}/mysql + then +- mysql_lib=$d/lib/mysql ++ mysql_lib=$d/${target_lib}/mysql + else + mysql_lib=$d/lib + fi +@@ -274,11 +281,11 @@ case "$use_dlz_bdb" in bdb_libnames="db42 db-4.2 db41 db-4.1 db" for d in $bdb_libnames do @@ -51,7 +41,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c else dlz_bdb_libs="" fi -@@ -341,10 +348,10 @@ case "$use_dlz_ldap" in +@@ -383,7 +390,7 @@ case "$use_dlz_ldap" in *) DLZ_ADD_DRIVER(LDAP, dlz_ldap_driver, [-I$use_dlz_ldap/include], @@ -59,12 +49,8 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c + [-L$use_dlz_ldap/${target_lib} -lldap -llber]) AC_MSG_RESULT( --[using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include]) -+[using LDAP from $use_dlz_ldap/${target_lib} and $use_dlz_ldap/include]) - ;; - esac - -@@ -365,7 +372,7 @@ then + [using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include]) +@@ -407,7 +414,7 @@ then odbcdirs="/usr /usr/local /usr/pkg" for d in $odbcdirs do 
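Review bot: In the refreshed mysql hunk (`@@ -135,9 +142,9 @@`) the `test -d` probe and the then-branch now use `$d/${target_lib}/mysql`, but the `else` branch left as context still sets `mysql_lib=$d/lib`. On a lib64 target with no `mysql` subdirectory the driver would presumably be pointed at the 32-bit library directory; unless 9.5.1 handles this elsewhere, the patch should also rewrite that line to `mysql_lib=$d/${target_lib}`. The refresh also drops the old postgres hunk (`use_dlz_postgres_lib=$d/${target_lib}`) with no replacement visible here, so it is worth confirming that 9.5.1's config.dlz.in no longer needs it.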
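Review bot: After this refresh the LDAP hunk (`@@ -383,7 +390,7 @@`) rewrites only the linker flag to `-L$use_dlz_ldap/${target_lib}`; the old `-+[using LDAP from $use_dlz_ldap/${target_lib} and ...]` line is removed and the `AC_MSG_RESULT` text appears to stay `[using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include]`. The configure log would then name a different directory from the one actually linked, which is misleading when build logs are used to audit which library a package was built against. Either the message line should be patched as well, or a comment in the patch should say the mismatch is intentional.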
@@ -73,7 +59,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
 then
 use_dlz_odbc=$d
 break
-@@ -385,7 +392,7 @@ case "$use_dlz_odbc" in
+@@ -427,7 +434,7 @@ case "$use_dlz_odbc" in
 *)
 DLZ_ADD_DRIVER(ODBC, dlz_odbc_driver,
 [-I$use_dlz_odbc/include],
diff --git a/bind-9.5-edns.patch b/bind-9.5-edns.patch
deleted file mode 100644
index 40f6412..0000000
--- a/bind-9.5-edns.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -up bind-9.5.0b3/lib/dns/resolver.c.edns bind-9.5.0b3/lib/dns/resolver.c
---- bind-9.5.0b3/lib/dns/resolver.c.edns 2008-05-13 08:55:43.000000000 +0200
-+++ bind-9.5.0b3/lib/dns/resolver.c 2008-05-13 08:58:12.000000000 +0200
-@@ -1552,13 +1552,16 @@ resquery_send(resquery_t *query) {
- dns_peer_getsupportedns(peer, &useedns) == ISC_R_SUCCESS &&
- !useedns)
- {
-- query->options |= DNS_FETCHOPT_NOEDNS0;
- dns_adb_changeflags(fctx->adb,
- query->addrinfo,
- DNS_FETCHOPT_NOEDNS0,
- DNS_FETCHOPT_NOEDNS0);
- }
-
-+ /* Sync query->options and query->addrinfo->flags now */
-+ if ((query->addrinfo->flags & DNS_FETCHOPT_NOEDNS0) != 0)
-+ query->options |= DNS_FETCHOPT_NOEDNS0;
-+
- /*
- * Use EDNS0, unless the caller doesn't want it, or we know that
- * the remote server doesn't like it.
diff --git a/bind-9.5-recv-race.patch b/bind-9.5-recv-race.patch
deleted file mode 100644
index 2207d53..0000000
--- a/bind-9.5-recv-race.patch
+++ /dev/null
@@ -1,172 +0,0 @@ -diff -up bind-9.5.0b2/lib/isc/unix/socket.c.recv bind-9.5.0b2/lib/isc/unix/socket.c ---- bind-9.5.0b2/lib/isc/unix/socket.c.recv 2008-04-10 16:45:33.000000000 +0200 -+++ bind-9.5.0b2/lib/isc/unix/socket.c 2008-04-10 17:00:46.000000000 +0200 -@@ -261,10 +261,10 @@ static isc_result_t allocate_socket(isc_ - static void destroy(isc_socket_t **); - static void internal_accept(isc_task_t *, isc_event_t *); - static void internal_connect(isc_task_t *, isc_event_t *); --static void internal_recv(isc_task_t *, isc_event_t *); -+static void internal_recv(isc_event_t *); - static void internal_send(isc_task_t *, isc_event_t *); - static void internal_fdwatch_write(isc_task_t *, isc_event_t *); --static void internal_fdwatch_read(isc_task_t *, isc_event_t *); -+static void internal_fdwatch_read(isc_event_t *); - static void process_cmsg(isc_socket_t *, struct msghdr *, isc_socketevent_t *); - static void build_msghdr_send(isc_socket_t *, isc_socketevent_t *, - struct msghdr *, struct iovec *, size_t *); -@@ -1830,7 +1830,7 @@ isc_socket_detach(isc_socket_t **socketp - * - * The socket and manager must be locked before calling this function. 
- */ --static void -+static isc_boolean_t - dispatch_recv(isc_socket_t *sock) { - intev_t *iev; - isc_socketevent_t *ev; -@@ -1841,7 +1841,7 @@ dispatch_recv(isc_socket_t *sock) { - if (sock->type != isc_sockettype_fdwatch) { - ev = ISC_LIST_HEAD(sock->recv_list); - if (ev == NULL) -- return; -+ return ISC_FALSE; - socket_log(sock, NULL, EVENT, NULL, 0, 0, - "dispatch_recv: event %p -> task %p", - ev, ev->ev_sender); -@@ -1855,13 +1855,16 @@ dispatch_recv(isc_socket_t *sock) { - - sock->references++; - iev->ev_sender = sock; -+ iev->ev_arg = sock; - if (sock->type == isc_sockettype_fdwatch) -- iev->ev_action = internal_fdwatch_read; -+ internal_fdwatch_read (iev); - else -- iev->ev_action = internal_recv; -- iev->ev_arg = sock; -+ internal_recv (iev); - -- isc_task_send(sender, (isc_event_t **)&iev); -+ if (sock->references == 0) -+ return ISC_TRUE; -+ -+ return ISC_FALSE; - } - - static void -@@ -2228,7 +2231,7 @@ internal_accept(isc_task_t *me, isc_even - } - - static void --internal_recv(isc_task_t *me, isc_event_t *ev) { -+internal_recv(isc_event_t *ev) { - isc_socketevent_t *dev; - isc_socket_t *sock; - -@@ -2237,21 +2240,13 @@ internal_recv(isc_task_t *me, isc_event_ - sock = ev->ev_sender; - INSIST(VALID_SOCKET(sock)); - -- LOCK(&sock->lock); -- socket_log(sock, NULL, IOEVENT, -- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV, -- "internal_recv: task %p got event %p", me, ev); -- - INSIST(sock->pending_recv == 1); - sock->pending_recv = 0; - - INSIST(sock->references > 0); - sock->references--; /* the internal event is done with this socket */ -- if (sock->references == 0) { -- UNLOCK(&sock->lock); -- destroy(&sock); -+ if (sock->references == 0) - return; -- } - - /* - * Try to do as much I/O as possible on this socket. 
There are no -@@ -2289,7 +2284,6 @@ internal_recv(isc_task_t *me, isc_event_ - if (!ISC_LIST_EMPTY(sock->recv_list)) - select_poke(sock->manager, sock->fd, SELECT_POKE_READ); - -- UNLOCK(&sock->lock); - } - - static void -@@ -2388,7 +2382,7 @@ internal_fdwatch_write(isc_task_t *me, i - } - - static void --internal_fdwatch_read(isc_task_t *me, isc_event_t *ev) { -+internal_fdwatch_read(isc_event_t *ev) { - isc_socket_t *sock; - int more_data; - -@@ -2400,31 +2394,19 @@ internal_fdwatch_read(isc_task_t *me, is - sock = (isc_socket_t *)ev->ev_sender; - INSIST(VALID_SOCKET(sock)); - -- LOCK(&sock->lock); -- socket_log(sock, NULL, IOEVENT, -- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV, -- "internal_fdwatch_read: task %p got event %p", me, ev); -- - INSIST(sock->pending_recv == 1); - -- UNLOCK(&sock->lock); -- more_data = (sock->fdwatchcb)(me, sock, sock->fdwatcharg); -- LOCK(&sock->lock); -+ INSIST(0); /* We should not be here */ - - sock->pending_recv = 0; - - INSIST(sock->references > 0); - sock->references--; /* the internal event is done with this socket */ -- if (sock->references == 0) { -- UNLOCK(&sock->lock); -- destroy(&sock); -+ if (sock->references == 0) - return; -- } - - if (more_data) - select_poke(sock->manager, sock->fd, SELECT_POKE_READ); -- -- UNLOCK(&sock->lock); - } - - static void -@@ -2434,6 +2416,7 @@ process_fds(isc_socketmgr_t *manager, in - int i; - isc_socket_t *sock; - isc_boolean_t unlock_sock; -+ isc_boolean_t destroy_sock; - - REQUIRE(maxfd <= (int)FD_SETSIZE); - -@@ -2462,6 +2445,7 @@ process_fds(isc_socketmgr_t *manager, in - - sock = manager->fds[i]; - unlock_sock = ISC_FALSE; -+ destroy_sock = ISC_FALSE; - if (FD_ISSET(i, readfds)) { - if (sock == NULL) { - FD_CLR(i, &manager->read_fds); -@@ -2473,7 +2457,7 @@ process_fds(isc_socketmgr_t *manager, in - if (sock->listener) - dispatch_accept(sock); - else -- dispatch_recv(sock); -+ destroy_sock = dispatch_recv(sock); - } - FD_CLR(i, &manager->read_fds); - } -@@ -2497,6 +2481,8 @@ 
process_fds(isc_socketmgr_t *manager, in - } - if (unlock_sock) - UNLOCK(&sock->lock); -+ if (destroy_sock) -+ destroy(&sock); - } - } - @@ -2,7 +2,7 @@ # Red Hat BIND package .spec file # -%define PATCHVER P2 +%define PATCHVER P1 %define VERSION %{version}-%{PATCHVER} %define _default_patch_fuzz 2 @@ -19,8 +19,8 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Name: bind License: ISC -Version: 9.5.0 -Release: 35.1.%{PATCHVER}%{?dist} +Version: 9.5.1 +Release: 1.%{PATCHVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -59,10 +59,6 @@ Patch63: bind-9.4.0-dnssec-directory.patch Patch71: bind-9.5-overflow.patch Patch72: bind-9.5-dlz-64bit.patch Patch87: bind-9.5-parallel-build.patch -Patch91: bind-9.5-recv-race.patch -Patch92: bind-9.5-edns.patch -Patch94: bind95-rh457175.patch -Patch95: bind95-rh454783.patch Patch96: bind-95-rh452060.patch # SDB patches @@ -186,7 +182,6 @@ Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz> %patch5 -p1 -b .nonexec %patch10 -p1 -b .PIE %patch16 -p1 -b .redhat_doc -%patch95 -p1 -b .rh454783 %if %{SDB} mkdir bin/named-sdb cp -r bin/named/* bin/named-sdb @@ -243,9 +238,6 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named %patch83 -p1 -b .libidn2 %patch85 -p1 -b .libidn3 %patch87 -p1 -b .parallel -%patch91 -p1 -b .recv-race -%patch92 -p1 -b .edns -%patch94 -p1 -b .rh457175 %patch96 -p1 -b .rh452060 # Sparc and s390 arches need to use -fPIE 
@@ -408,7 +400,7 @@ for f in my.internal.zone.db slaves/my.slave.internal.zone.db slaves/my.ddns.int echo '@ in soa localhost. root 1 3H 15M 1W 1D ns localhost.' > sample/var/named/$f; done -/usr/bin/tail -n '+'`/bin/egrep -n '\\$Id: bind.spec,v 1.270 2008/12/03 12:21:13 atkac Exp $/+1/' | bc` bin/rndc/rndc.conf | sed '/Sample rndc configuration file./{p;i\ +/usr/bin/tail -n '+'`/bin/egrep -n '\\$Id: bind.spec,v 1.271 2009/01/08 14:47:03 atkac Exp $/+1/' | bc` bin/rndc/rndc.conf | sed '/Sample rndc configuration file./{p;i\ *\ * NOTE: you only need to create this file if it is to\ * differ from the following default contents: @@ -659,6 +651,14 @@ rm -rf ${RPM_BUILD_ROOT} %{_sbindir}/bind-chroot-admin %changelog +* Thu Jan 08 2009 Adam Tkac <atkac redhat com> 32:9.5.1-1.P1 +- 9.5.1-P1 release (CVE-2009-0025) +- patches merged + - bind95-rh454783.patch + - bind-9.5-recv-race.patch + - bind-9.5-edns.patch + - bind95-rh457175.patch + * Tue Dec 02 2008 Adam Tkac <atkac redhat com> 32:9.5.0-35.1.P2 - fixed rare use-after-free problem in host utility (#452060) diff --git a/bind95-rh454783.patch b/bind95-rh454783.patch deleted file mode 100644 index f2f332a..0000000 --- a/bind95-rh454783.patch +++ /dev/null 
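Review bot: The only change on the `tail`/`egrep` line in hunk `@@ -408,7 +400,7 @@` is CVS bumping `$Id: bind.spec,v 1.270 ... $` to `1.271`, so keyword expansion is happening inside the shell command itself. Everything between `$Id:` and the next `$` is rewritten on each commit, so the `egrep` pattern now carries the spec's own revision string, and whatever originally stood between those two `$` characters has presumably been overwritten. Write the pattern so the literal keyword never appears, for example `[$]Id:`, or check the file in with keyword substitution disabled. The surrounding `for` loop and the sed script continue outside the hunk.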
@@ -1,50 +0,0 @@
-diff -up bind-9.5.0-P1/bin/named/xfrout.c.rh454783 bind-9.5.0-P1/bin/named-sdb/xfrout.c
---- bind-9.5.0-P1/bin/named/xfrout.c.rh454783 2008-08-05 12:50:44.000000000 +0200
-+++ bind-9.5.0-P1/bin/named/xfrout.c 2008-08-05 12:57:54.000000000 +0200
-@@ -829,7 +829,9 @@ typedef struct {
- dns_name_t *qname; /* Question name of request */
- dns_rdatatype_t qtype; /* dns_rdatatype_{a,i}xfr */
- dns_rdataclass_t qclass;
-+#ifndef DLZ
- dns_zone_t *zone; /* (necessary for stats) */
-+#endif
- dns_db_t *db;
- dns_dbversion_t *ver;
- isc_quota_t *quota;
-@@ -1330,10 +1332,14 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_cl
- xfr->qname = qname;
- xfr->qtype = qtype;
- xfr->qclass = qclass;
-+#ifndef DLZ
- xfr->zone = NULL;
-+#endif
- xfr->db = NULL;
- xfr->ver = NULL;
-+#ifndef DLZ
- dns_zone_attach(zone, &xfr->zone);
-+#endif
- dns_db_attach(db, &xfr->db);
- dns_db_attachversion(db, ver, &xfr->ver);
- xfr->end_of_stream = ISC_FALSE;
-@@ -1709,8 +1715,10 @@ xfrout_ctx_destroy(xfrout_ctx_t **xfrp)
- isc_quota_detach(&xfr->quota);
- if (xfr->ver != NULL)
- dns_db_closeversion(xfr->db, &xfr->ver, ISC_FALSE);
-+#ifndef DLZ
- if (xfr->zone != NULL)
- dns_zone_detach(&xfr->zone);
-+#endif
- if (xfr->db != NULL)
- dns_db_detach(&xfr->db);
-
-@@ -1744,7 +1752,10 @@ xfrout_senddone(isc_task_t *task, isc_ev
- sendstream(xfr);
- } else {
- /* End of zone transfer stream. */
-+#ifndef DLZ
-+ /* XXX DLZ zones doesn't support stats */
- inc_stats(xfr->zone, dns_nsstatscounter_xfrdone);
-+#endif
- xfrout_log(xfr, ISC_LOG_INFO, "%s ended", xfr->mnemonic);
- ns_client_next(xfr->client, ISC_R_SUCCESS);
- xfrout_ctx_destroy(&xfr);
diff --git a/bind95-rh457175.patch b/bind95-rh457175.patch
deleted file mode 100644
index 2ecd01e..0000000
--- a/bind95-rh457175.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-diff -up bind-9.5.0-P1/lib/dns/iptable.c.rh457175 bind-9.5.0-P1/lib/dns/iptable.c
---- bind-9.5.0-P1/lib/dns/iptable.c.rh457175 2008-01-21 22:02:24.000000000 +0100
-+++ bind-9.5.0-P1/lib/dns/iptable.c 2008-07-31 16:10:46.000000000 +0200
-@@ -117,16 +117,17 @@ dns_iptable_merge(dns_iptable_t *tab, dn
- if (node->data[0] &&
- *(isc_boolean_t *) node->data[0] == ISC_TRUE)
- new_node->data[0] = &dns_iptable_neg;
-- else
-- new_node->data[0] = node->data[0];
-
- if (node->data[1] &&
- *(isc_boolean_t *) node->data[1] == ISC_TRUE)
- new_node->data[1] = &dns_iptable_neg;
-- else
-- new_node->data[1] = node->data[0];
- }
-
-+ if (new_node->data[0] == NULL)
-+ new_node->data[0] = node->data[0];
-+ if (new_node->data[1] == NULL)
-+ new_node->data[1] = node->data[1];
-+
- if (node->node_num[0] > max_node)
- max_node = node->node_num[0];
- if (node->node_num[1] > max_node)
@@ -1,4 +1,4 @@
 4faa4395b955e5f8a3d50f308b9fabc8 bind-chroot.tar.bz2
 d4bc7234a0d7b93328335ed9c076c6e9 config-3.tar.bz2
 13fef79f99fcefebb51d84b08805de51 libbind-man.tar.gz
-16c893f73a394c8cc36d7900cb9bb801 bind-9.5.0-P2.tar.gz
+8afc7f95f4fad1eaaba09596617b8089 bind-9.5.1-P1.tar.gz |
