[bind/f14] Fix CVE-2011-1910

Adam Tkac atkac at fedoraproject.org
Fri May 27 10:05:10 UTC 2011 

commit ea0a4405184e321747f8ef6b39de11679805c742
Author: Adam Tkac <atkac at redhat.com>
Date:   Fri May 27 12:04:40 2011 +0200

    Fix CVE-2011-1910
    
    Signed-off-by: Adam Tkac <atkac at redhat.com>

 bind.spec                  |    7 ++++++-
 bind97-CVE-2011-1910.patch |   12 ++++++++++++
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/bind.spec b/bind.spec
index dade23f..13ba865 100644
--- a/bind.spec
+++ b/bind.spec
@@ -21,7 +21,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  ISC
 Version:  9.7.4
-Release:  0.1.%{PREVER}%{?dist}
+Release:  0.2.%{PREVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -58,6 +58,7 @@ Patch107:bind97-dist-pkcs11.patch
 Patch109:bind97-rh478718.patch
 Patch110:bind97-rh570851.patch
 Patch112:bind97-rh645544.patch
+Patch113:bind97-CVE-2011-1910.patch
 
 # SDB patches
 Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -241,6 +242,7 @@ mkdir m4
 %patch109 -p1 -b .rh478718
 %patch110 -p1 -b .rh570851
 %patch112 -p1 -b .rh645544
+%patch113 -p1 -b .CVE-2011-1910
 
 # Sparc and s390 arches need to use -fPIE
 %ifarch sparcv9 sparc64 s390 s390x
@@ -676,6 +678,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif
 
 %changelog
+* Fri May 27 2011 Adam Tkac <atkac redhat com> 32:9.7.4-0.2.b1
+- fix CVE-2011-1910
+
 * Tue May 17 2011 Adam Tkac <atkac redhat com> 32:9.7.4-0.1.b1
 - update to 9.7.4b1 (#683648)
   - bind97-rh674334.patch merged
diff --git a/bind97-CVE-2011-1910.patch b/bind97-CVE-2011-1910.patch
new file mode 100644
index 0000000..42a3076
--- /dev/null
+++ b/bind97-CVE-2011-1910.patch
@@ -0,0 +1,12 @@
+diff -up bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-1910 bind-9.7.4b1/lib/dns/ncache.c
+--- bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-1910	2011-05-27 12:02:51.185764809 +0200
++++ bind-9.7.4b1/lib/dns/ncache.c	2011-05-27 12:03:01.599764788 +0200
+@@ -186,7 +186,7 @@ dns_ncache_addoptout(dns_message_t *mess
+ 					 */
+ 					isc_buffer_availableregion(&buffer,
+ 								   &r);
+-					if (r.length < 2)
++					if (r.length < 3)
+ 						return (ISC_R_NOSPACE);
+ 					isc_buffer_putuint16(&buffer,
+ 							     rdataset->type);

More information about the scm-commits mailing list