Prev-20 Home Next-20 4 msg ftpd - security thread ? 1 msg new user 1 msg unsumbscribe 6 msg Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 pa... 2 msg Default-Release 4.0*: security updates ignored 2 msg Re: [SECURITY] [DSA 1285-1] New wordpress packa... BIND 9.3.4-2 backport of 9.4.1's fix \ LaMont Jones (1 May 2007) . \ Florian Weimer (1 May 2007) . \ LaMont Jones (1 May 2007) 1 msg Re: [SECURITY] [DSA 1283-1] New php5 packages f... 1 msg Re: Re: Hi. My name is Perry 1 msg Laurent Sausse est absent. 1 msg Oliver Francke ist außer Haus. 1 msg Fwd: MoneyCentral.MSN.com 7278478285 1 msg Re: Undelivered Mail Returned to Sender 1 msg Áûñòðî 2 msg Ticket: [81293163-8022041702] 10 msg Security Debian Questions 1 msg Click here CgF pt 1 msg eine super seite 1 msg Re: My anchovy 1 msg Benjamin Fromme ist außer Haus. Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security May-2007 Next-Thread Next-Msg Subject: BIND 9.3.4-2 backport of 9.4.1's fix Group: Debian-security From: LaMont Jones Date: 1 May 2007 Here's a diff that backports the security fix in bind 9.4.1 to bind 9.3.4. I dug around a bit and found no CVE for it yet... lamont --- orig/CHANGES +++ mod/CHANGES @@ -1,3 +1,5 @@ +2172. [bug] query_addsoa() was being called with a non zone db. + [RT #16834] --- 9.3.4 released --- --- orig/bin/named/query.c +++ mod/bin/named/query.c @@ -3212,6 +3212,21 @@ * an error unless we were searching for * glue. Ugh. */ + if (!is_zone) { + authoritative = ISC_FALSE; + dns_rdatasetiter_destroy(&rdsiter); + if (RECURSIONOK(client)) { + result = query_recurse(client, + qtype, + NULL, + NULL); + if (result == ISC_R_SUCCESS) + client->query.attributes |= + NS_QUERYATTR_RECURSING; + else + QUERY_ERROR(DNS_R_SERVFAIL); } + goto addauth; + } /* * We were searching for SIG records in * a nonsecure zone. Send a "no error, --- orig/debian/changelog +++ mod/debian/changelog @@ -1,3 +1,9 @@ +bind9 (1:9.3.4-2+etch1) stable; urgency=low + + * Backport security fix from 9.4.1 + + -- LaMont Jones <lamont> Mon, 30 Apr 2007 18:29:40 -0600 + bind9 (1:9.3.4-2) unstable; urgency=high * Actually really do the merge of 9.3.4. Sigh. Closes: #408925 -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security May-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com