Now
pkgsrc-2015Q2 commitmail json YAML
Pullup ticket #4810 - requested by sevan & taca
net/bind99: security update
Revisions pulled up:
- net/bind99/Makefile 1.47-1.48
- net/bind99/distinfo 1.31-1.32
- net/bind99/patches/patch-lib_dns_hmac_link.c deleted
- net/bind99/patches/patch-lib_dns_include_dst_dst.h deleted
- net/bind99/patches/patch-lib_dns_ncache.c deleted
- net/bind99/patches/patch-lib_dns_openssldh_link.c deleted
- net/bind99/patches/patch-lib_dns_openssldsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslecdsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslsslrsa_link.c deleted
- net/bind99/patches/patch-lib_dns_rdata_generic_openpgpkey_61.c deleted
- net/bind99/patches/patch-lib_dns_resolver.c deleted
---
Module Name: pkgsrc
Committed By: sevan
Date: Wed Sep 2 19:44:28 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Added Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Patch CVE-2015-5722 & CVE-2015-5986
Bump rev
CVE-2015-5722 - Parsing malformed keys may cause BIND to exit due to a failed
assertion in buffer.c
https://kb.isc.org/article/AA-01287/0
CVE-2015-5986 - An incorrect boundary check can trigger a REQUIRE assertion
failure in openpgpkey_61.c
https://kb.isc.org/article/AA-01291/0
Reviewed by wiz@
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 3 00:35:03 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Removed Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Update bind99 to 9.9.7pl3 (BIND 9.9.7-P3).
(These security fixes are already done by bind-9.9.7pl2nb1.)
--- 9.9.7-P3 released ---
4170. [security] An incorrect boundary check in the OPENPGPKEY
rdatatype could trigger an assertion failure.
(CVE-2015-5986) [RT #40286]
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212]
net/bind99: security update
Revisions pulled up:
- net/bind99/Makefile 1.47-1.48
- net/bind99/distinfo 1.31-1.32
- net/bind99/patches/patch-lib_dns_hmac_link.c deleted
- net/bind99/patches/patch-lib_dns_include_dst_dst.h deleted
- net/bind99/patches/patch-lib_dns_ncache.c deleted
- net/bind99/patches/patch-lib_dns_openssldh_link.c deleted
- net/bind99/patches/patch-lib_dns_openssldsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslecdsa_link.c deleted
- net/bind99/patches/patch-lib_dns_opensslsslrsa_link.c deleted
- net/bind99/patches/patch-lib_dns_rdata_generic_openpgpkey_61.c deleted
- net/bind99/patches/patch-lib_dns_resolver.c deleted
---
Module Name: pkgsrc
Committed By: sevan
Date: Wed Sep 2 19:44:28 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Added Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Patch CVE-2015-5722 & CVE-2015-5986
Bump rev
CVE-2015-5722 - Parsing malformed keys may cause BIND to exit due to a failed
assertion in buffer.c
https://kb.isc.org/article/AA-01287/0
CVE-2015-5986 - An incorrect boundary check can trigger a REQUIRE assertion
failure in openpgpkey_61.c
https://kb.isc.org/article/AA-01291/0
Reviewed by wiz@
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 3 00:35:03 UTC 2015
Modified Files:
pkgsrc/net/bind99: Makefile distinfo
Removed Files:
pkgsrc/net/bind99/patches: patch-lib_dns_hmac_link.c
patch-lib_dns_include_dst_dst.h patch-lib_dns_ncache.c
patch-lib_dns_openssldh_link.c patch-lib_dns_openssldsa_link.c
patch-lib_dns_opensslecdsa_link.c
patch-lib_dns_opensslsslrsa_link.c
patch-lib_dns_rdata_generic_openpgpkey_61.c
patch-lib_dns_resolver.c
Log Message:
Update bind99 to 9.9.7pl3 (BIND 9.9.7-P3).
(These security fixes are already done by bind-9.9.7pl2nb1.)
--- 9.9.7-P3 released ---
4170. [security] An incorrect boundary check in the OPENPGPKEY
rdatatype could trigger an assertion failure.
(CVE-2015-5986) [RT #40286]
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212]