Date: Wed, 27 Mar 2013 10:11:44 +0000 (UTC) From: Erwin Lansing <erwin@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r248788 - in head: contrib/bind9 lib/bind lib/bind/dns lib/bind/dns/dns Message-ID: <201303271011.r2RABiKs053723@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: erwin Date: Wed Mar 27 10:11:43 2013 New Revision: 248788 URL: http://svnweb.freebsd.org/changeset/base/248788 Log: Update to 9.8.4-P2 Removed the check for regex.h in configure in order to disable regex syntax checking, as it exposes BIND to a critical flaw in libregex on some platforms. [RT #32688] Security: CVE-2013-2266 Approved by: delphij (mentor) Sponsored by: DK Hostmaster A/S Modified: head/contrib/bind9/CHANGES head/contrib/bind9/config.h.in head/contrib/bind9/configure.in head/contrib/bind9/version head/lib/bind/config.h head/lib/bind/dns/code.h head/lib/bind/dns/dns/enumclass.h head/lib/bind/dns/dns/enumtype.h head/lib/bind/dns/dns/rdatastruct.h Directory Properties: head/contrib/bind9/ (props changed) Modified: head/contrib/bind9/CHANGES ============================================================================== --- head/contrib/bind9/CHANGES Wed Mar 27 07:58:29 2013 (r248787) +++ head/contrib/bind9/CHANGES Wed Mar 27 10:11:43 2013 (r248788) @@ -1,3 +1,10 @@ + --- 9.8.4-P2 released --- + +3516. [security] Removed the check for regex.h in configure in order + to disable regex syntax checking, as it exposes + BIND to a critical flaw in libregex on some + platforms. [RT #32688] + --- 9.8.4-P1 released --- 3407. [security] Named could die on specific queries with dns64 enabled. Modified: head/contrib/bind9/config.h.in ============================================================================== --- head/contrib/bind9/config.h.in Wed Mar 27 07:58:29 2013 (r248787) +++ head/contrib/bind9/config.h.in Wed Mar 27 10:11:43 2013 (r248788) @@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int /* Define if your OpenSSL version supports GOST. */ #undef HAVE_OPENSSL_GOST -/* Define to 1 if you have the <regex.h> header file. */ -#undef HAVE_REGEX_H - /* Define to 1 if you have the `setegid' function. */ #undef HAVE_SETEGID Modified: head/contrib/bind9/configure.in ============================================================================== --- head/contrib/bind9/configure.in Wed Mar 27 07:58:29 2013 (r248787) +++ head/contrib/bind9/configure.in Wed Mar 27 10:11:43 2013 (r248788) @@ -298,7 +298,7 @@ esac AC_HEADER_STDC -AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, +AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, [$ac_includes_default #ifdef HAVE_SYS_PARAM_H # include <sys/param.h> Modified: head/contrib/bind9/version ============================================================================== --- head/contrib/bind9/version Wed Mar 27 07:58:29 2013 (r248787) +++ head/contrib/bind9/version Wed Mar 27 10:11:43 2013 (r248788) @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=8 PATCHVER=4 RELEASETYPE=-P -RELEASEVER=1 +RELEASEVER=2 Modified: head/lib/bind/config.h ============================================================================== --- head/lib/bind/config.h Wed Mar 27 07:58:29 2013 (r248787) +++ head/lib/bind/config.h Wed Mar 27 10:11:43 2013 (r248788) @@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int /* Define if your OpenSSL version supports GOST. */ /* #undef HAVE_OPENSSL_GOST */ -/* Define to 1 if you have the <regex.h> header file. */ -#define HAVE_REGEX_H 1 - /* Define to 1 if you have the `setegid' function. */ #define HAVE_SETEGID 1 Modified: head/lib/bind/dns/code.h ============================================================================== --- head/lib/bind/dns/code.h Wed Mar 27 07:58:29 2013 (r248787) +++ head/lib/bind/dns/code.h Wed Mar 27 10:11:43 2013 (r248788) @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any Modified: head/lib/bind/dns/dns/enumclass.h ============================================================================== --- head/lib/bind/dns/dns/enumclass.h Wed Mar 27 07:58:29 2013 (r248787) +++ head/lib/bind/dns/dns/enumclass.h Wed Mar 27 10:11:43 2013 (r248788) @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any Modified: head/lib/bind/dns/dns/enumtype.h ============================================================================== --- head/lib/bind/dns/dns/enumtype.h Wed Mar 27 07:58:29 2013 (r248787) +++ head/lib/bind/dns/dns/enumtype.h Wed Mar 27 10:11:43 2013 (r248788) @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any Modified: head/lib/bind/dns/dns/rdatastruct.h ============================================================================== --- head/lib/bind/dns/dns/rdatastruct.h Wed Mar 27 07:58:29 2013 (r248787) +++ head/lib/bind/dns/dns/rdatastruct.h Wed Mar 27 10:11:43 2013 (r248788) @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201303271011.r2RABiKs053723>