On 2013/03/28 03:18, Stuart Henderson wrote:
> CVSROOT:      /cvs
> Module name:  ports
> Changes by:   [email protected]   2013/03/28 03:18:51
> 
> Modified files:
>       net/isc-bind   : Makefile distinfo 
>       net/isc-bind/pkg: PLIST 
> Removed files:
>       net/isc-bind/pkg: PFRAG.shared 
> 
> Log message:
> SECURITY update for ports/net/isc-bind (affects 9.7 and up), CVE-2013-2266
> 
> "A critical defect in BIND 9 allows an attacker to cause excessive memory
> consumption in named or other programs linked to libdns.
> 
> The problem is encountered when a program compiled to link to libdns
> receives a maliciously-constructed regular expression via any of several
> delivery methods."
> 
> https://kb.isc.org/article/AA-0087
> 

Oh, and there are at least 5 other crash fixes listed in changelog
(though this one is "on some platforms" so not clear if it affects us).


Security Fixes

    Removed the check for regex.h in configure in order to disable
    regex syntax checking, as it exposes BIND to a critical flaw in
    libregex on some platforms. [RT #32688]

    Prevents named from aborting with a require assertion failure
    on servers with DNS64 enabled.  These crashes might occur as a
    result of specific queries that are received.  (Note that this
    fix is a subset of a series of updates that will be included in
    full in BIND 9.8.5 and 9.9.3 as change #3388, RT #30996).
    [CVE-2012-5688] [RT #30792]

    A deliberately constructed combination of records could cause
    named to hang while populating the additional section of a
    response. [CVE-2012-5166] [RT #31090]

    Prevents a named assert (crash) when queried for a record whose
    RDATA exceeds 65535 bytes.  [CVE-2012-4244]  [RT #30416]

    Prevents a named assert (crash) when validating caused by using
    "Bad cache" data before it has been initialized. [CVE-2012-3817]
    [RT #30025]

    A condition has been corrected where improper handling of
    zero-length RDATA could cause undesirable behavior, including
    termination of the named process. [CVE-2012-1667]  [RT #29644]

    ISC_QUEUE handling for recursive clients was updated to address
    a race condition that could cause a memory leak. This rarely
    occurred with UDP clients, but could be a significant problem
    for a server handling a steady rate of TCP queries. [CVE-2012-3868]
    [RT #29539 & #30233]
