Hello community,

here is the log from the commit of package ldns for openSUSE:11.3
checked in at Mon Oct 17 17:28:54 CEST 2011.



--------
--- old-versions/11.3/all/ldns/ldns.changes     2009-04-27 15:34:23.000000000 
+0200
+++ 11.3/ldns/ldns.changes      2011-10-17 14:58:58.000000000 +0200
@@ -1,0 +2,5 @@
+Mon Oct 17 12:58:37 UTC 2011 - [email protected]
+
+- fix heap overflow (bnc#720277, CVE-2011-3581)
+
+-------------------------------------------------------------------

Package does not exist at destination yet. Using Fallback 
old-versions/11.3/all/ldns
Destination is old-versions/11.3/UPDATES/all/ldns
calling whatdependson for 11.3-i586


New:
----
  0001-Fix-comparison-between-signed-and-unsigned.diff
  0001-Fix-heap-overflow-problem-thanks-to-david-keeler-bug-.diff
  0001-do-not-loop-but-syntax-error-on-a-malformed-unknown-R.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ldns.spec ++++++
--- /var/tmp/diff_new_pack.PdGHyo/_old  2011-10-17 17:27:16.000000000 +0200
+++ /var/tmp/diff_new_pack.PdGHyo/_new  2011-10-17 17:27:16.000000000 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package ldns (Version 1.5.1)
+# spec file for package ldns
 #
-# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -23,9 +23,12 @@
 Group:          Development/Libraries/C and C++
 License:        BSD 3-Clause
 Version:        1.5.1
-Release:        2
+Release:        7.<RELEASE2>
 Url:            http://www.nlnetlabs.nl/projects/ldns/
 Source:         
http://www.nlnetlabs.nl/downloads/ldns/%{name}-%{version}.tar.bz2
+Patch0:         0001-do-not-loop-but-syntax-error-on-a-malformed-unknown-R.diff
+Patch1:         0001-Fix-heap-overflow-problem-thanks-to-david-keeler-bug-.diff
+Patch2:         0001-Fix-comparison-between-signed-and-unsigned.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 
@@ -81,6 +84,9 @@
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure --disable-static --with-pic

++++++ 0001-Fix-comparison-between-signed-and-unsigned.diff ++++++
>From 592fb992d431ceaef7978b10a97b95cee2d31fbe Mon Sep 17 00:00:00 2001
From: wouter <wouter@af62348d-a3ea-0310-b058-bb613a78d823>
Date: Fri, 2 Sep 2011 14:04:48 +0000
Subject: [PATCH] Fix comparison between signed and unsigned.

git-svn-id: http://www.nlnetlabs.nl/svn/ldns/trunk@3538 
af62348d-a3ea-0310-b058-bb613a78d823
---
 rr.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Index: ldns-1.5.1/rr.c
===================================================================
--- ldns-1.5.1.orig/rr.c
+++ ldns-1.5.1/rr.c
@@ -422,7 +422,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **n
                                                        if (c != -1) {
                                                                rd_strlen = 
strlen(rd);
                                                        }
-                                                       if (c == -1 || 
cur_hex_data_size + rd_strlen > 2 * hex_data_size) {
+                                                       if (c == -1 || 
(size_t)cur_hex_data_size + rd_strlen > 2 * (size_t)hex_data_size) {
                                                                
LDNS_FREE(hex_data_str);
                                                                LDNS_FREE(rd);
                                                                LDNS_FREE(b64);
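Review bot: The `(size_t)` casts widen only this one comparison. The loop test `while(cur_hex_data_size < 2 * hex_data_size)` and the later `cur_hex_data_size += rd_strlen`, both visible as context in the other rr.c patches of this update, still run in the variables' declared types. Those declarations are outside the hunk, so this is inferred, but the need for a cast suggests at least one counter is signed or narrower than size_t; if so, the accumulation could still truncate after the bound check has passed. Consider declaring the counters as `size_t` in ldns_rr_new_frm_str_internal, or at least adding `/* compare in size_t so the sum cannot wrap or go negative */` above the check. The function body starts and ends outside the hunk.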
++++++ 0001-Fix-heap-overflow-problem-thanks-to-david-keeler-bug-.diff ++++++
>From 165419ce11cc217657251ae1a3388daa6b51ee2c Mon Sep 17 00:00:00 2001
From: willem <willem@af62348d-a3ea-0310-b058-bb613a78d823>
Date: Wed, 24 Aug 2011 20:04:48 +0000
Subject: [PATCH] Fix heap overflow problem thanks to david keeler: bug #403

git-svn-id: http://www.nlnetlabs.nl/svn/ldns/trunk@3527 
af62348d-a3ea-0310-b058-bb613a78d823
---
 rr.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

Index: ldns-1.5.1/rr.c
===================================================================
--- ldns-1.5.1.orig/rr.c
+++ ldns-1.5.1/rr.c
@@ -419,7 +419,10 @@ ldns_rr_new_frm_str_internal(ldns_rr **n
                                                cur_hex_data_size = 0;
                                                while(cur_hex_data_size < 2 * 
hex_data_size) {
                                                        c = 
ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
-                                                       if (c == -1) {
+                                                       if (c != -1) {
+                                                               rd_strlen = 
strlen(rd);
+                                                       }
+                                                       if (c == -1 || 
cur_hex_data_size + rd_strlen > 2 * hex_data_size) {
                                                                
LDNS_FREE(hex_data_str);
                                                                LDNS_FREE(rd);
                                                                LDNS_FREE(b64);
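Review bot: The added check `cur_hex_data_size + rd_strlen > 2 * hex_data_size` has no comment tying its bound to the size of hex_data_str, which is allocated outside this hunk. A comment above it, for example `/* hex_data_str holds two hex chars per rdata byte; reject a token that would run past it */`, would record why the test must stay ahead of the copy. It is worth confirming at the allocation site that the buffer really is at least `2 * hex_data_size` bytes, since the check is only as good as that assumption. The `strncpy` in the next hunk copies exactly rd_strlen bytes and so writes no terminator; whether one is added later is not visible here.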
@@ -429,7 +432,6 @@ ldns_rr_new_frm_str_internal(ldns_rr **n
                                                                
ldns_rr_free(new);
                                                                return 
LDNS_STATUS_SYNTAX_RDATA_ERR;
                                                        }
-                                                       rd_strlen = strlen(rd);
                                                        rd_strlen = strlen(rd);
                                                        strncpy(hex_data_str + 
cur_hex_data_size, rd, rd_strlen);
                                                        cur_hex_data_size += 
rd_strlen;
++++++ 0001-do-not-loop-but-syntax-error-on-a-malformed-unknown-R.diff ++++++
>From 746d3fe3247543cf4e8aa2029704f016e0d246ff Mon Sep 17 00:00:00 2001
From: matje <matje@af62348d-a3ea-0310-b058-bb613a78d823>
Date: Wed, 20 Apr 2011 09:21:29 +0000
Subject: [PATCH] do not loop, but syntax error on a malformed unknown RR

git-svn-id: http://www.nlnetlabs.nl/svn/ldns/trunk@3483 
af62348d-a3ea-0310-b058-bb613a78d823
---
 rr.c |   11 +++++++++++
 1 files changed, 11 insertions(+), 0 deletions(-)

Index: ldns-1.5.1/rr.c
===================================================================
--- ldns-1.5.1.orig/rr.c
+++ ldns-1.5.1/rr.c
@@ -419,6 +419,17 @@ ldns_rr_new_frm_str_internal(ldns_rr **n
                                                cur_hex_data_size = 0;
                                                while(cur_hex_data_size < 2 * 
hex_data_size) {
                                                        c = 
ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
+                                                       if (c == -1) {
+                                                               
LDNS_FREE(hex_data_str);
+                                                               LDNS_FREE(rd);
+                                                               LDNS_FREE(b64);
+                                                               
ldns_buffer_free(rd_buf);
+                                                               
ldns_buffer_free(rr_buf);
+                                                               
LDNS_FREE(rdata);
+                                                               
ldns_rr_free(new);
+                                                               return 
LDNS_STATUS_SYNTAX_RDATA_ERR;
+                                                       }
+                                                       rd_strlen = strlen(rd);
                                                        rd_strlen = strlen(rd);
                                                        strncpy(hex_data_str + 
cur_hex_data_size, rd, rd_strlen);
                                                        cur_hex_data_size += 
rd_strlen;
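Review bot: The added `rd_strlen = strlen(rd);` at the end of the new block is immediately followed by an identical context line, so the assignment runs twice; the added line can be dropped. The new error branch also spells out seven release calls inline before `return LDNS_STATUS_SYNTAX_RDATA_ERR;`. If other error paths of ldns_rr_new_frm_str_internal repeat that sequence (not visible in this hunk), a shared cleanup label would keep them from drifting apart. The function starts and ends outside the hunk.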



Remember to have fun...
