rpms/bind/F-8 bind-9.5-CVE-2008-0122.patch, NONE, 1.1 bind.spec, 1.238, 1.239

Adam Tkac (atkac) fedora-extras-commits at redhat.com
Mon Jan 21 10:06:47 UTC 2008 

Author: atkac

Update of /cvs/pkgs/rpms/bind/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12318

Modified Files:
	bind.spec 
Added Files:
	bind-9.5-CVE-2008-0122.patch 
Log Message:
- CVE-2008-0122


bind-9.5-CVE-2008-0122.patch:

--- NEW FILE bind-9.5-CVE-2008-0122.patch ---
Index: lib/bind/inet/inet_network.c
===================================================================
RCS file: /var/snap/bind9/lib/bind/inet/inet_network.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- lib/bind/inet/inet_network.c	27 Apr 2005 04:56:21 -0000	1.5
+++ lib/bind/inet/inet_network.c	15 Jan 2008 04:02:01 -0000	1.6
@@ -84,9 +84,9 @@
 	}
 	if (!digit)
 		return (INADDR_NONE);
+	if (pp >= parts + 4 || val > 0xffU)
+		return (INADDR_NONE);
 	if (*cp == '.') {
-		if (pp >= parts + 4 || val > 0xffU)
-			return (INADDR_NONE);
 		*pp++ = val, cp++;
 		goto again;
 	}


Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-8/bind.spec,v
retrieving revision 1.238
retrieving revision 1.239
diff -u -r1.238 -r1.239
--- bind.spec	27 Dec 2007 15:16:08 -0000	1.238
+++ bind.spec	21 Jan 2008 10:05:57 -0000	1.239
@@ -20,7 +20,7 @@
 Name: 		bind
 License: 	ISC
 Version: 	9.5.0
-Release: 	22.%{RELEASEVER}%{?dist}
+Release: 	23.%{RELEASEVER}%{?dist}
 Epoch:   	32
 Url: 		http://www.isc.org/products/BIND/
 Buildroot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -63,6 +63,7 @@
 Patch72:	bind-9.5-dlz-64bit.patch
 Patch80:	bind-9.5-edns.patch
 Patch84:	bind-9.5-gssapi-header.patch
+Patch86:	bind-9.5-CVE-2008-0122.patch
 
 # SDB patches
 Patch11: 	bind-9.3.2b2-sdbsrc.patch
@@ -252,6 +253,7 @@
 %patch83 -p1 -b .libidn2
 %patch84 -p1 -b .gssapi-header
 %patch85 -p1 -b .libidn3
+%patch86 -p0 -b .CVE-2008-0122
 :;
 
 
@@ -668,6 +670,9 @@
 %{_sbindir}/bind-chroot-admin
 
 %changelog
+* Mon Jan 21 2008 Adam Tkac <atkac redhat com> 32:9.5.0-23.b1
+- CVE-2008-0122
+
 * Thu Dec 27 2007 Adam Tkac <atkac redhat com> 32:9.5.0-22.b1
 - fixed initscript wait loop (#426382)
 - removed dependency on policycoreutils and libselinux (#426515)

More information about the fedora-extras-commits mailing list