CVS commit: src/external/mpl/bind/dist

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/external/mpl/bind/dist
From: "Christos Zoulas" <christos%netbsd.org@localhost>
Date: Tue, 13 Feb 2024 10:21:10 -0500

Module Name:    src
Committed By:   christos
Date:           Tue Feb 13 15:21:10 UTC 2024

Modified Files:
        src/external/mpl/bind/dist/bin/plugins: filter-aaaa.c
        src/external/mpl/bind/dist/lib/dns: catz.c message.c name.c rpz.c
        src/external/mpl/bind/dist/lib/dns/include/dns: message.h name.h
        src/external/mpl/bind/dist/lib/dns/win32: libdns.def.in
        src/external/mpl/bind/dist/lib/isc: ht.c
        src/external/mpl/bind/dist/lib/isc/include/isc: ht.h
        src/external/mpl/bind/dist/lib/isc/tests: ht_test.c

Log Message:
Apply patch for CVE-2023-4408:

The DNS message parsing code in `named` includes a section whose
computational complexity is overly high. It does not cause problems
for typical DNS traffic, but crafted queries and responses may
cause excessive CPU load on the affected `named` instance by
exploiting this flaw. This issue affects both authoritative servers
and recursive resolvers. This issue affects BIND 9 versions 9.0.0
through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19,
9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and
9.18.11-S1 through 9.18.21-S1.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/bin/plugins/filter-aaaa.c
cvs rdiff -u -r1.10 -r1.11 src/external/mpl/bind/dist/lib/dns/catz.c
cvs rdiff -u -r1.15 -r1.16 src/external/mpl/bind/dist/lib/dns/message.c
cvs rdiff -u -r1.12 -r1.13 src/external/mpl/bind/dist/lib/dns/name.c
cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/rpz.c
cvs rdiff -u -r1.11 -r1.12 \
    src/external/mpl/bind/dist/lib/dns/include/dns/message.h
cvs rdiff -u -r1.9 -r1.10 \
    src/external/mpl/bind/dist/lib/dns/include/dns/name.h
cvs rdiff -u -r1.1.1.12 -r1.2 \
    src/external/mpl/bind/dist/lib/dns/win32/libdns.def.in
cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/lib/isc/ht.c
cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/isc/include/isc/ht.h
cvs rdiff -u -r1.9 -r1.10 src/external/mpl/bind/dist/lib/isc/tests/ht_test.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/dev
Next by Date: CVS commit: src/external/mpl/bind/dist/lib/ns
Previous by Thread: CVS commit: src/sys/dev
Next by Thread: CVS commit: src/external/mpl/bind/dist/lib/ns
Indexes:

Home | Main Index | Thread Index | Old Index