Tree - rpms/bind - CentOS Git server

rpms / bind

Blame bind99-CVE-2015-1349.patch

Blob History Raw

Tomas Hozza	fb5a2e	`commit 2e9d79f169663c9aff5f0dcdc626a2cd2dbb5892`
Tomas Hozza	fb5a2e	`Author: Evan Hunt <each@isc.org>`
Tomas Hozza	fb5a2e	`Date: Tue Feb 3 18:30:38 2015 -0800`
Tomas Hozza	fb5a2e
Tomas Hozza	fb5a2e	`[v9_9_6_patch] avoid crash due to managed-key rollover`
Tomas Hozza	fb5a2e
Tomas Hozza	fb5a2e	`4053. [security] Revoking a managed trust anchor and supplying`
Tomas Hozza	fb5a2e	`an untrusted replacement could cause named`
Tomas Hozza	fb5a2e	`to crash with an assertion failure.`
Tomas Hozza	fb5a2e	`(CVE-2015-1349) [RT #38344]`
Tomas Hozza	fb5a2e
Tomas Hozza	fb5a2e	`diff --git a/lib/dns/zone.c b/lib/dns/zone.c`
Tomas Hozza	fb5a2e	`index 7a9825b..5db2844 100644`
Tomas Hozza	fb5a2e	`--- a/lib/dns/zone.c`
Tomas Hozza	fb5a2e	`+++ b/lib/dns/zone.c`
Tomas Hozza	fb5a2e	`@@ -8508,6 +8508,12 @@ keyfetch_done(isc_task_t task, isc_event_t event) {`
Tomas Hozza	fb5a2e	`namebuf, tag);`
Tomas Hozza	fb5a2e	`trustkey = ISC_TRUE;`
Tomas Hozza	fb5a2e	`}`
Tomas Hozza	fb5a2e	`+ } else {`
Tomas Hozza	fb5a2e	`+ /*`
Tomas Hozza	fb5a2e	`+ * No previously known key, and the key is not`
Tomas Hozza	fb5a2e	`+ * secure, so skip it.`
Tomas Hozza	fb5a2e	`+ */`
Tomas Hozza	fb5a2e	`+ continue;`
Tomas Hozza	fb5a2e	`}`
Tomas Hozza	fb5a2e
Tomas Hozza	fb5a2e	`/* Delete old version */`
Tomas Hozza	fb5a2e	`@@ -8556,7 +8562,7 @@ keyfetch_done(isc_task_t task, isc_event_t event) {`
Tomas Hozza	fb5a2e	`trust_key(zone, keyname, &dnskey, mctx);`
Tomas Hozza	fb5a2e	`}`
Tomas Hozza	fb5a2e
Tomas Hozza	fb5a2e	`- if (!deletekey) {`
Tomas Hozza	fb5a2e	`+ if (secure && !deletekey) {`
Tomas Hozza	fb5a2e	`INSIST(newkey \|\| updatekey);`
Tomas Hozza	fb5a2e	`set_refreshkeytimer(zone, &keydata, now);`
Tomas Hozza	fb5a2e	`}`

rpms / bind

Source Code

Blame bind99-CVE-2015-1349.patch