diff options
| author | dougb <dougb@FreeBSD.org> | 2005-01-29 04:47:44 +0800 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2005-01-29 04:47:44 +0800 |
| commit | 2449662f367d263eaa135881faece1d9500ab5c1 (patch) | |
| tree | bf63072948957fa41f28ba6943d29ed2a62fd262 | |
| parent | 4fb6496ea77d6df85ebfc5460e30550b718d4a37 (diff) | |
| download | freebsd-ports-gnome-2449662f367d263eaa135881faece1d9500ab5c1.tar.gz freebsd-ports-gnome-2449662f367d263eaa135881faece1d9500ab5c1.tar.zst freebsd-ports-gnome-2449662f367d263eaa135881faece1d9500ab5c1.zip | |
Include a patch from ISC to deal with the following vulnerability:
Name: BIND: Self Check Failing [Added 2005.25.01]
Versions affected: BIND 9.3.0
Severity: LOW
Exploitable: Remotely
Type: Denial of Service
Description:
An incorrect assumption in the validator (authvalidated) can result in a
REQUIRE (internal consistancy) test failing and named exiting.
Workarounds:
Turn off dnssec validation (off by default) at the options/view level.
dnssec-enable no;
Active Exploits: None known
Bump PORTREVISION accordingly.
It should be noted that the vast majority of users would not have
DNSSEC enabled, and therefore are not vulnerable to this bug.
| -rw-r--r-- | dns/bind9/Makefile | 10 | ||||
| -rw-r--r-- | dns/bind9/distinfo | 4 | ||||
| -rw-r--r-- | dns/bind94/Makefile | 10 | ||||
| -rw-r--r-- | dns/bind94/distinfo | 4 | ||||
| -rw-r--r-- | dns/bind95/Makefile | 10 | ||||
| -rw-r--r-- | dns/bind95/distinfo | 4 | ||||
| -rw-r--r-- | dns/bind96/Makefile | 10 | ||||
| -rw-r--r-- | dns/bind96/distinfo | 4 |
8 files changed, 52 insertions, 4 deletions
diff --git a/dns/bind9/Makefile b/dns/bind9/Makefile index 5dffd8c4d851..6b430e243906 100644 --- a/dns/bind9/Makefile +++ b/dns/bind9/Makefile @@ -13,11 +13,13 @@ PORTNAME= bind9 PORTVERSION= 9.3.0 +PORTREVISION= 1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= bind9/${ISCVERSION} DISTNAME= bind-${ISCVERSION} -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc \ + 9.3.0-patch1 9.3.0-patch1.asc EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= DougB@FreeBSD.org @@ -91,6 +93,12 @@ MAN5= named.conf.5 rndc.conf.5 MAN8= dnssec-keygen.8 dnssec-signzone.8 lwresd.8 named-checkconf.8 \ named-checkzone.8 named.8 nsupdate.8 rndc-confgen.8 rndc.8 +pre-patch: + @${SED} -e 's#bind9/lib/dns/validator.c#lib/dns/validator.c#g' \ + ${DISTDIR}/9.3.0-patch1 > ${WRKDIR}/9.3.0-patch1 + +EXTRA_PATCHES= ${WRKDIR}/9.3.0-patch1 + post-patch: .for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.8 \ rndc/rndc.8 diff --git a/dns/bind9/distinfo b/dns/bind9/distinfo index dd09fb5d019f..e9a0f2c27568 100644 --- a/dns/bind9/distinfo +++ b/dns/bind9/distinfo @@ -2,3 +2,7 @@ MD5 (bind-9.3.0.tar.gz) = fdb42fff7e345372ac52a4493b77b694 SIZE (bind-9.3.0.tar.gz) = 4730656 MD5 (bind-9.3.0.tar.gz.asc) = 131e73f617c649652c6218826bdc92f8 SIZE (bind-9.3.0.tar.gz.asc) = 186 +MD5 (9.3.0-patch1) = 90733dadf1487e035a8b94951e55fbb7 +SIZE (9.3.0-patch1) = 1019 +MD5 (9.3.0-patch1.asc) = 4c8072f375fa53e5ada4e0e4f67402c0 +SIZE (9.3.0-patch1.asc) = 187 diff --git a/dns/bind94/Makefile b/dns/bind94/Makefile index 5dffd8c4d851..6b430e243906 100644 --- a/dns/bind94/Makefile +++ b/dns/bind94/Makefile @@ -13,11 +13,13 @@ PORTNAME= bind9 PORTVERSION= 9.3.0 +PORTREVISION= 1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= bind9/${ISCVERSION} DISTNAME= bind-${ISCVERSION} -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc \ + 9.3.0-patch1 9.3.0-patch1.asc EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= DougB@FreeBSD.org @@ -91,6 +93,12 @@ MAN5= named.conf.5 rndc.conf.5 MAN8= dnssec-keygen.8 dnssec-signzone.8 lwresd.8 named-checkconf.8 \ named-checkzone.8 named.8 nsupdate.8 rndc-confgen.8 rndc.8 +pre-patch: + @${SED} -e 's#bind9/lib/dns/validator.c#lib/dns/validator.c#g' \ + ${DISTDIR}/9.3.0-patch1 > ${WRKDIR}/9.3.0-patch1 + +EXTRA_PATCHES= ${WRKDIR}/9.3.0-patch1 + post-patch: .for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.8 \ rndc/rndc.8 diff --git a/dns/bind94/distinfo b/dns/bind94/distinfo index dd09fb5d019f..e9a0f2c27568 100644 --- a/dns/bind94/distinfo +++ b/dns/bind94/distinfo @@ -2,3 +2,7 @@ MD5 (bind-9.3.0.tar.gz) = fdb42fff7e345372ac52a4493b77b694 SIZE (bind-9.3.0.tar.gz) = 4730656 MD5 (bind-9.3.0.tar.gz.asc) = 131e73f617c649652c6218826bdc92f8 SIZE (bind-9.3.0.tar.gz.asc) = 186 +MD5 (9.3.0-patch1) = 90733dadf1487e035a8b94951e55fbb7 +SIZE (9.3.0-patch1) = 1019 +MD5 (9.3.0-patch1.asc) = 4c8072f375fa53e5ada4e0e4f67402c0 +SIZE (9.3.0-patch1.asc) = 187 diff --git a/dns/bind95/Makefile b/dns/bind95/Makefile index 5dffd8c4d851..6b430e243906 100644 --- a/dns/bind95/Makefile +++ b/dns/bind95/Makefile @@ -13,11 +13,13 @@ PORTNAME= bind9 PORTVERSION= 9.3.0 +PORTREVISION= 1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= bind9/${ISCVERSION} DISTNAME= bind-${ISCVERSION} -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc \ + 9.3.0-patch1 9.3.0-patch1.asc EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= DougB@FreeBSD.org @@ -91,6 +93,12 @@ MAN5= named.conf.5 rndc.conf.5 MAN8= dnssec-keygen.8 dnssec-signzone.8 lwresd.8 named-checkconf.8 \ named-checkzone.8 named.8 nsupdate.8 rndc-confgen.8 rndc.8 +pre-patch: + @${SED} -e 's#bind9/lib/dns/validator.c#lib/dns/validator.c#g' \ + ${DISTDIR}/9.3.0-patch1 > ${WRKDIR}/9.3.0-patch1 + +EXTRA_PATCHES= ${WRKDIR}/9.3.0-patch1 + post-patch: .for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.8 \ rndc/rndc.8 diff --git a/dns/bind95/distinfo b/dns/bind95/distinfo index dd09fb5d019f..e9a0f2c27568 100644 --- a/dns/bind95/distinfo +++ b/dns/bind95/distinfo @@ -2,3 +2,7 @@ MD5 (bind-9.3.0.tar.gz) = fdb42fff7e345372ac52a4493b77b694 SIZE (bind-9.3.0.tar.gz) = 4730656 MD5 (bind-9.3.0.tar.gz.asc) = 131e73f617c649652c6218826bdc92f8 SIZE (bind-9.3.0.tar.gz.asc) = 186 +MD5 (9.3.0-patch1) = 90733dadf1487e035a8b94951e55fbb7 +SIZE (9.3.0-patch1) = 1019 +MD5 (9.3.0-patch1.asc) = 4c8072f375fa53e5ada4e0e4f67402c0 +SIZE (9.3.0-patch1.asc) = 187 diff --git a/dns/bind96/Makefile b/dns/bind96/Makefile index 5dffd8c4d851..6b430e243906 100644 --- a/dns/bind96/Makefile +++ b/dns/bind96/Makefile @@ -13,11 +13,13 @@ PORTNAME= bind9 PORTVERSION= 9.3.0 +PORTREVISION= 1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= bind9/${ISCVERSION} DISTNAME= bind-${ISCVERSION} -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc \ + 9.3.0-patch1 9.3.0-patch1.asc EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= DougB@FreeBSD.org @@ -91,6 +93,12 @@ MAN5= named.conf.5 rndc.conf.5 MAN8= dnssec-keygen.8 dnssec-signzone.8 lwresd.8 named-checkconf.8 \ named-checkzone.8 named.8 nsupdate.8 rndc-confgen.8 rndc.8 +pre-patch: + @${SED} -e 's#bind9/lib/dns/validator.c#lib/dns/validator.c#g' \ + ${DISTDIR}/9.3.0-patch1 > ${WRKDIR}/9.3.0-patch1 + +EXTRA_PATCHES= ${WRKDIR}/9.3.0-patch1 + post-patch: .for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.8 \ rndc/rndc.8 diff --git a/dns/bind96/distinfo b/dns/bind96/distinfo index dd09fb5d019f..e9a0f2c27568 100644 --- a/dns/bind96/distinfo +++ b/dns/bind96/distinfo @@ -2,3 +2,7 @@ MD5 (bind-9.3.0.tar.gz) = fdb42fff7e345372ac52a4493b77b694 SIZE (bind-9.3.0.tar.gz) = 4730656 MD5 (bind-9.3.0.tar.gz.asc) = 131e73f617c649652c6218826bdc92f8 SIZE (bind-9.3.0.tar.gz.asc) = 186 +MD5 (9.3.0-patch1) = 90733dadf1487e035a8b94951e55fbb7 +SIZE (9.3.0-patch1) = 1019 +MD5 (9.3.0-patch1.asc) = 4c8072f375fa53e5ada4e0e4f67402c0 +SIZE (9.3.0-patch1.asc) = 187 |