rpms/bind/F-7 bind-9.5-CVE-2008-0122.patch, NONE, 1.1 bind.spec, 1.200, 1.201
Adam Tkac (atkac)
fedora-extras-commits at redhat.com
Mon Jan 21 10:18:05 UTC 2008
Author: atkac
Update of /cvs/pkgs/rpms/bind/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12498
Modified Files:
bind.spec
Added Files:
bind-9.5-CVE-2008-0122.patch
Log Message:
- CVE-2008-0122
bind-9.5-CVE-2008-0122.patch:
--- NEW FILE bind-9.5-CVE-2008-0122.patch ---
Index: lib/bind/inet/inet_network.c
===================================================================
RCS file: /var/snap/bind9/lib/bind/inet/inet_network.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- lib/bind/inet/inet_network.c 27 Apr 2005 04:56:21 -0000 1.5
+++ lib/bind/inet/inet_network.c 15 Jan 2008 04:02:01 -0000 1.6
@@ -84,9 +84,9 @@
}
if (!digit)
return (INADDR_NONE);
+ if (pp >= parts + 4 || val > 0xffU)
+ return (INADDR_NONE);
if (*cp == '.') {
- if (pp >= parts + 4 || val > 0xffU)
- return (INADDR_NONE);
*pp++ = val, cp++;
goto again;
}
Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-7/bind.spec,v
retrieving revision 1.200
retrieving revision 1.201
diff -u -r1.200 -r1.201
--- bind.spec 19 Dec 2007 17:11:16 -0000 1.200
+++ bind.spec 21 Jan 2008 10:17:28 -0000 1.201
@@ -18,7 +18,7 @@
Name: bind
License: BSD-like
Version: 9.4.2
-Release: 2%{?dist}
+Release: 3%{?dist}
Epoch: 31
Url: http://www.isc.org/products/BIND/
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -69,6 +69,7 @@
Patch66: bind-9.4.0-zone-freeze.patch
Patch68: bind-9.4.1-ldap-api.patch
Patch71: bind-9.4-dbus.patch
+Patch72: bind-9.5-CVE-2008-0122.patch
#
Requires: bind-libs = %{epoch}:%{version}-%{release}, glibc >= 2.2, mktemp
Requires(post): grep, chkconfig >= 1.3.26
@@ -292,6 +293,7 @@
%patch65 -p1 -b .idn
%endif
%patch66 -p1 -b .freeze
+%patch72 -p0 -b .CVE-2008-0122
:;
@@ -786,6 +788,9 @@
%changelog
+* Mon Jan 21 2008 Adam Tkac <atkac redhat com> 31:9.4.2-3
+- CVE-2008-0122
+
* Wed Dec 19 2007 Adam Tkac <atkac redhat com> 31:9.4.2-2
- CVE-2007-6283
More information about the fedora-extras-commits
mailing list