pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/ldns Apply fix for CVE-2017-1000232 from
details: https://anonhg.NetBSD.org/pkgsrc/rev/78f2a70f9d6b
branches: trunk
changeset: 375517:78f2a70f9d6b
user: he <he%pkgsrc.org@localhost>
date: Tue Feb 13 15:08:11 2018 +0000
description:
Apply fix for CVE-2017-1000232 from
https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02
Also correct previous CVE, it's CVE-2017-100231...
Bump PKGREVISION.
diffstat:
net/ldns/distinfo | 5 +++--
net/ldns/patches/patch-parse.c | 4 ++--
net/ldns/patches/patch-str2host.c | 19 +++++++++++++++++++
3 files changed, 24 insertions(+), 4 deletions(-)
diffs (51 lines):
diff -r 558148768efc -r 78f2a70f9d6b net/ldns/distinfo
--- a/net/ldns/distinfo Tue Feb 13 14:59:14 2018 +0000
+++ b/net/ldns/distinfo Tue Feb 13 15:08:11 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2018/02/13 14:59:14 he Exp $
+$NetBSD: distinfo,v 1.22 2018/02/13 15:08:11 he Exp $
SHA1 (ldns-1.6.17.tar.gz) = 4218897b3c002aadfc7280b3f40cda829e05c9a4
RMD160 (ldns-1.6.17.tar.gz) = 5382cfaafa7ec1fadcf390f804fbf14e04d7c03a
@@ -6,4 +6,5 @@
Size (ldns-1.6.17.tar.gz) = 1315403 bytes
SHA1 (patch-doc_doxyparse.pl) = 8d21d6f1c2e5e8d9ecc16a23dc7a462f0c54b5f7
SHA1 (patch-examples_ldns-keygen.c) = 12ab1cb2c74f09d763969298a21c9470b748d292
-SHA1 (patch-parse.c) = 206e12c806854b652a799e98efd86c5e15f8024d
+SHA1 (patch-parse.c) = 3dbf4443b4a068f02e2799e820e8fcbf50abaa15
+SHA1 (patch-str2host.c) = 002e2f04059a9bc2479a8d66335595d4d7dd598f
diff -r 558148768efc -r 78f2a70f9d6b net/ldns/patches/patch-parse.c
--- a/net/ldns/patches/patch-parse.c Tue Feb 13 14:59:14 2018 +0000
+++ b/net/ldns/patches/patch-parse.c Tue Feb 13 15:08:11 2018 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-parse.c,v 1.1 2018/02/13 14:59:15 he Exp $
+$NetBSD: patch-parse.c,v 1.2 2018/02/13 15:08:11 he Exp $
-Apply fix for CVE-2017-10002, via
+Apply fix for CVE-2017-1000231, via
https://git.nlnetlabs.nl/ldns/commit/?id=c8391790
--- parse.c.orig 2014-01-10 21:04:41.000000000 +0000
diff -r 558148768efc -r 78f2a70f9d6b net/ldns/patches/patch-str2host.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ldns/patches/patch-str2host.c Tue Feb 13 15:08:11 2018 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-str2host.c,v 1.1 2018/02/13 15:08:11 he Exp $
+
+Apply fix for CVE-2017-1000232 from
+https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02
+
+--- str2host.c.orig 2014-01-10 21:04:41.000000000 +0000
++++ str2host.c
+@@ -1458,7 +1458,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, con
+ if (! str) {
+ return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
+ }
+- length = (size_t)(dp - data);
++ if (!(length = (size_t)(dp - data))) {
++ LDNS_FREE(data);
++ return LDNS_STATUS_SYNTAX_EMPTY;
++ }
+
+ /* Lose the overmeasure */
+ data = LDNS_XREALLOC(dp = data, uint8_t, length);
Home |
Main Index |
Thread Index |
Old Index