Date:      Wed, 31 Jul 2013 11:42:42 +0000 (UTC)
From:      Erwin Lansing <erwin@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org
Subject:   svn commit: r253837 - in vendor/bind9/dist: . lib/dns/rdata/generic
Message-ID:  <201307311142.r6VBghWX035160@svn.freebsd.org>

Author: erwin
Date: Wed Jul 31 11:42:42 2013
New Revision: 253837
URL: http://svnweb.freebsd.org/changeset/base/253837

Log:
  Vendor import of BIND 9.8.5-P2
  
  Approved by:	delphij (mentor, implicit)
  Sponsored by:	DK Hostmaster A/S

Modified:
  vendor/bind9/dist/CHANGES
  vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c
  vendor/bind9/dist/version

Modified: vendor/bind9/dist/CHANGES
==============================================================================
--- vendor/bind9/dist/CHANGES	Wed Jul 31 11:36:20 2013	(r253836)
+++ vendor/bind9/dist/CHANGES	Wed Jul 31 11:42:42 2013	(r253837)
@@ -1,3 +1,9 @@
+	--- 9.8.5-P2 released ---
+
+3621.	[security]	Incorrect bounds checking on private type 'keydata'
+			can lead to a remotely triggerable REQUIRE failure
+			(CVE-2013-4854). [RT #34238]
+
 	--- 9.8.5-P1 released ---
 
 3584.	[security]	Caching data from an incompletely signed zone could
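Review bot: The commit log says only "Vendor import of BIND 9.8.5-P2" although entry 3621 added at the top of CHANGES is tagged [security] and carries CVE-2013-4854. Suggest naming the CVE in the log message so the import can be found when searching commit history for the security fix.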

Modified: vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c
==============================================================================
--- vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c	Wed Jul 31 11:36:20 2013	(r253836)
+++ vendor/bind9/dist/lib/dns/rdata/generic/keydata_65533.c	Wed Jul 31 11:42:42 2013	(r253837)
@@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
 	UNUSED(options);
 
 	isc_buffer_activeregion(source, &sr);
-	if (sr.length < 4)
+	if (sr.length < 16)
 		return (ISC_R_UNEXPECTEDEND);
 
 	isc_buffer_forward(source, sr.length);
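Review bot: The new lower bound in `if (sr.length < 16)` in fromwire_keydata() is a bare literal, and nothing in the hunk says which fixed-size fields it is meant to cover, so the next reader cannot tell why 16 is right where 4 was wrong. Suggest a one-line comment above the check, or a named constant, listing the fields that add up to 16 octets. The Modified list shows no test file either; a regression test that passes a keydata rdata shorter than 16 octets and expects ISC_R_UNEXPECTEDEND would keep this bound from regressing.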

Modified: vendor/bind9/dist/version
==============================================================================
--- vendor/bind9/dist/version	Wed Jul 31 11:36:20 2013	(r253836)
+++ vendor/bind9/dist/version	Wed Jul 31 11:42:42 2013	(r253837)
@@ -9,4 +9,4 @@ MAJORVER=9
 MINORVER=8
 PATCHVER=5
 RELEASETYPE=-P
-RELEASEVER=1
+RELEASEVER=2


