pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2012Q1]: pkgsrc/net/bind97 Pullup ticket #3764 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/4ddcf271c6c8
branches: pkgsrc-2012Q1
changeset: 602071:4ddcf271c6c8
user: tron <tron%pkgsrc.org@localhost>
date: Thu May 03 18:32:02 2012 +0000
description:
Pullup ticket #3764 - requested by taca
net/bind97: security patch
Revisions pulled up:
- net/bind97/Makefile 1.13
- net/bind97/distinfo 1.12
- net/bind97/patches/patch-lib_dns_resolver.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 1 02:48:58 UTC 2012
Modified Files:
pkgsrc/net/bind97: Makefile distinfo
Added Files:
pkgsrc/net/bind97/patches: patch-lib_dns_resolver.c
Log Message:
Add fix to a race condition in the resolver code that can cause a recursive
nameserver: <https://kb.isc.org/article/AA-00664>.
Bump PKGREVISION.
diffstat:
net/bind97/Makefile | 3 +-
net/bind97/distinfo | 3 +-
net/bind97/patches/patch-lib_dns_resolver.c | 34 +++++++++++++++++++++++++++++
3 files changed, 38 insertions(+), 2 deletions(-)
diffs (65 lines):
diff -r 2a65e562d31b -r 4ddcf271c6c8 net/bind97/Makefile
--- a/net/bind97/Makefile Thu May 03 18:24:56 2012 +0000
+++ b/net/bind97/Makefile Thu May 03 18:32:02 2012 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.12 2012/04/05 00:40:09 taca Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2012/05/03 18:32:02 tron Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P/pl/}
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \
http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/
diff -r 2a65e562d31b -r 4ddcf271c6c8 net/bind97/distinfo
--- a/net/bind97/distinfo Thu May 03 18:24:56 2012 +0000
+++ b/net/bind97/distinfo Thu May 03 18:32:02 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2012/04/05 00:40:09 taca Exp $
+$NetBSD: distinfo,v 1.11.2.1 2012/05/03 18:32:02 tron Exp $
SHA1 (bind-9.7.5.tar.gz) = d66705bb898340de88653892a75e0038c3dec86e
RMD160 (bind-9.7.5.tar.gz) = 0186557e4d20b06c45939988b47dbf2cf600ae9b
@@ -8,3 +8,4 @@
SHA1 (patch-ac) = ee4ca3d200b3d3f93b8ccfa2c6e51ab005b35a01
SHA1 (patch-ad) = 29fb5c24ff3558f1621e93ea16419e32dbc695b7
SHA1 (patch-ae) = 68b8155daa8f75081b6f8fd70ca23fda60506c64
+SHA1 (patch-lib_dns_resolver.c) = 1c0bc26a159219f65dc59429d395f7796a5165f6
diff -r 2a65e562d31b -r 4ddcf271c6c8 net/bind97/patches/patch-lib_dns_resolver.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/bind97/patches/patch-lib_dns_resolver.c Thu May 03 18:32:02 2012 +0000
@@ -0,0 +1,34 @@
+$NetBSD: patch-lib_dns_resolver.c,v 1.1.2.2 2012/05/03 18:32:02 tron Exp $
+
+Prevent segmentation fault in resolver.c: https://kb.isc.org/article/AA-00664
+
+--- lib/dns/resolver.c.orig 2012-03-22 19:14:04.000000000 +0000
++++ lib/dns/resolver.c
+@@ -2157,7 +2157,6 @@ fctx_finddone(isc_task_t *task, isc_even
+ isc_boolean_t want_try = ISC_FALSE;
+ isc_boolean_t want_done = ISC_FALSE;
+ isc_boolean_t bucket_empty = ISC_FALSE;
+- isc_boolean_t destroy = ISC_FALSE;
+ unsigned int bucketnum;
+
+ find = event->ev_sender;
+@@ -2196,17 +2195,12 @@ fctx_finddone(isc_task_t *task, isc_even
+ }
+ } else if (SHUTTINGDOWN(fctx) && fctx->pending == 0 &&
+ fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
+- /*
+- * Note that we had to wait until we had the lock before
+- * looking at fctx->references.
+- */
++
+ if (fctx->references == 0)
+- destroy = ISC_TRUE;
++ bucket_empty = fctx_destroy(fctx);
+ }
+ UNLOCK(&res->buckets[bucketnum].lock);
+
+- if (destroy)
+- bucket_empty = fctx_destroy(fctx);
+ isc_event_free(&event);
+ dns_adb_destroyfind(&find);
+
Home |
Main Index |
Thread Index |
Old Index