3471a1
- 9.5.1b1 release (CVE-2008-1447)
@@ -1,4 +1,4 @@
|
|
1
1
|
bind-chroot.tar.bz2
|
2
2
|
config-4.tar.bz2
|
3
3
|
libbind-man.tar.gz
|
4
|
-
bind-9.5.
|
4
|
+
bind-9.5.1b1.tar.gz
|
@@ -1,6 +1,6 @@
|
|
1
|
-
diff -up bind-9.5.
|
2
|
-
--- bind-9.5.
|
3
|
-
+++ bind-9.5.
|
1
|
+
diff -up bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit bind-9.5.1b1/contrib/dlz/config.dlz.in
|
2
|
+
--- bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit 2008-06-17 06:03:31.000000000 +0200
|
3
|
+
+++ bind-9.5.1b1/contrib/dlz/config.dlz.in 2008-07-11 12:08:43.000000000 +0200
|
4
4
|
|
5
5
|
#
|
6
6
|
dlzdir='${DLZ_DRIVER_DIR}'
|
@@ -15,29 +15,19 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
|
15
15
|
#
|
16
16
|
# Private autoconf macro to simplify configuring drivers:
|
17
17
|
#
|
18
|
-
@@ -
|
18
|
+
@@ -135,9 +142,9 @@ then
|
19
|
-
if test -f $d/include/libpq-fe.h
|
20
19
|
then
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
20
|
+
use_dlz_mysql=$d
|
21
|
+
mysql_include=$d/include/mysql
|
22
|
+
- if test -d $d/lib/mysql
|
23
|
+
+ if test -d $d/${target_lib}/mysql
|
24
|
+
then
|
25
|
+
- mysql_lib=$d/lib/mysql
|
26
|
+
+ mysql_lib=$d/${target_lib}/mysql
|
27
|
+
else
|
28
|
+
mysql_lib=$d/lib
|
29
|
+
fi
|
30
|
+
@@ -274,11 +281,11 @@ case "$use_dlz_bdb" in
|
32
|
-
+ [-L$use_dlz_mysql/${target_lib}/mysql -lmysqlclient -lz -lcrypt -lm])
|
33
|
-
|
34
|
-
AC_MSG_RESULT(
|
35
|
-
-[using mysql from $use_dlz_mysql/lib/mysql and $use_dlz_mysql/include/mysql])
|
36
|
-
+[using mysql from $use_dlz_mysql/${target_lib}/mysql and $use_dlz_mysql/include/mysql])
|
37
|
-
;;
|
38
|
-
esac
|
39
|
-
|
40
|
-
@@ -232,11 +239,11 @@ case "$use_dlz_bdb" in
|
41
31
|
bdb_libnames="db42 db-4.2 db41 db-4.1 db"
|
42
32
|
for d in $bdb_libnames
|
43
33
|
do
|
@@ -51,7 +41,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
|
51
41
|
else
|
52
42
|
dlz_bdb_libs=""
|
53
43
|
fi
|
54
|
-
@@ -
|
44
|
+
@@ -383,7 +390,7 @@ case "$use_dlz_ldap" in
|
55
45
|
*)
|
56
46
|
DLZ_ADD_DRIVER(LDAP, dlz_ldap_driver,
|
57
47
|
[-I$use_dlz_ldap/include],
|
@@ -59,12 +49,8 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
|
59
49
|
+ [-L$use_dlz_ldap/${target_lib} -lldap -llber])
|
60
50
|
|
61
51
|
AC_MSG_RESULT(
|
62
|
-
|
63
|
-
|
52
|
+
[using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include])
|
53
|
+
@@ -407,7 +414,7 @@ then
|
64
|
-
;;
|
65
|
-
esac
|
66
|
-
|
67
|
-
@@ -365,7 +372,7 @@ then
|
68
54
|
odbcdirs="/usr /usr/local /usr/pkg"
|
69
55
|
for d in $odbcdirs
|
70
56
|
do
|
@@ -73,7 +59,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
|
73
59
|
then
|
74
60
|
use_dlz_odbc=$d
|
75
61
|
break
|
76
|
-
@@ -
|
62
|
+
@@ -427,7 +434,7 @@ case "$use_dlz_odbc" in
|
77
63
|
*)
|
78
64
|
DLZ_ADD_DRIVER(ODBC, dlz_odbc_driver,
|
79
65
|
[-I$use_dlz_odbc/include],
|
@@ -1,172 +0,0 @@
|
|
1
|
-
diff -up bind-9.5.0b2/lib/isc/unix/socket.c.recv bind-9.5.0b2/lib/isc/unix/socket.c
|
2
|
-
--- bind-9.5.0b2/lib/isc/unix/socket.c.recv 2008-04-10 16:45:33.000000000 +0200
|
3
|
-
+++ bind-9.5.0b2/lib/isc/unix/socket.c 2008-04-10 17:00:46.000000000 +0200
|
4
|
-
@@ -261,10 +261,10 @@ static isc_result_t allocate_socket(isc_
|
5
|
-
static void destroy(isc_socket_t **);
|
6
|
-
static void internal_accept(isc_task_t *, isc_event_t *);
|
7
|
-
static void internal_connect(isc_task_t *, isc_event_t *);
|
8
|
-
-static void internal_recv(isc_task_t *, isc_event_t *);
|
9
|
-
+static void internal_recv(isc_event_t *);
|
10
|
-
static void internal_send(isc_task_t *, isc_event_t *);
|
11
|
-
static void internal_fdwatch_write(isc_task_t *, isc_event_t *);
|
12
|
-
-static void internal_fdwatch_read(isc_task_t *, isc_event_t *);
|
13
|
-
+static void internal_fdwatch_read(isc_event_t *);
|
14
|
-
static void process_cmsg(isc_socket_t *, struct msghdr *, isc_socketevent_t *);
|
15
|
-
static void build_msghdr_send(isc_socket_t *, isc_socketevent_t *,
|
16
|
-
struct msghdr *, struct iovec *, size_t *);
|
17
|
-
@@ -1830,7 +1830,7 @@ isc_socket_detach(isc_socket_t **socketp
|
18
|
-
*
|
19
|
-
* The socket and manager must be locked before calling this function.
|
20
|
-
*/
|
21
|
-
-static void
|
22
|
-
+static isc_boolean_t
|
23
|
-
dispatch_recv(isc_socket_t *sock) {
|
24
|
-
intev_t *iev;
|
25
|
-
isc_socketevent_t *ev;
|
26
|
-
@@ -1841,7 +1841,7 @@ dispatch_recv(isc_socket_t *sock) {
|
27
|
-
if (sock->type != isc_sockettype_fdwatch) {
|
28
|
-
ev = ISC_LIST_HEAD(sock->recv_list);
|
29
|
-
if (ev == NULL)
|
30
|
-
- return;
|
31
|
-
+ return ISC_FALSE;
|
32
|
-
socket_log(sock, NULL, EVENT, NULL, 0, 0,
|
33
|
-
"dispatch_recv: event %p -> task %p",
|
34
|
-
ev, ev->ev_sender);
|
35
|
-
@@ -1855,13 +1855,16 @@ dispatch_recv(isc_socket_t *sock) {
|
36
|
-
|
37
|
-
sock->references++;
|
38
|
-
iev->ev_sender = sock;
|
39
|
-
+ iev->ev_arg = sock;
|
40
|
-
if (sock->type == isc_sockettype_fdwatch)
|
41
|
-
- iev->ev_action = internal_fdwatch_read;
|
42
|
-
+ internal_fdwatch_read (iev);
|
43
|
-
else
|
44
|
-
- iev->ev_action = internal_recv;
|
45
|
-
- iev->ev_arg = sock;
|
46
|
-
+ internal_recv (iev);
|
47
|
-
|
48
|
-
- isc_task_send(sender, (isc_event_t **)&iev);
|
49
|
-
+ if (sock->references == 0)
|
50
|
-
+ return ISC_TRUE;
|
51
|
-
+
|
52
|
-
+ return ISC_FALSE;
|
53
|
-
}
|
54
|
-
|
55
|
-
static void
|
56
|
-
@@ -2228,7 +2231,7 @@ internal_accept(isc_task_t *me, isc_even
|
57
|
-
}
|
58
|
-
|
59
|
-
static void
|
60
|
-
-internal_recv(isc_task_t *me, isc_event_t *ev) {
|
61
|
-
+internal_recv(isc_event_t *ev) {
|
62
|
-
isc_socketevent_t *dev;
|
63
|
-
isc_socket_t *sock;
|
64
|
-
|
65
|
-
@@ -2237,21 +2240,13 @@ internal_recv(isc_task_t *me, isc_event_
|
66
|
-
sock = ev->ev_sender;
|
67
|
-
INSIST(VALID_SOCKET(sock));
|
68
|
-
|
69
|
-
- LOCK(&sock->lock);
|
70
|
-
- socket_log(sock, NULL, IOEVENT,
|
71
|
-
- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV,
|
72
|
-
- "internal_recv: task %p got event %p", me, ev);
|
73
|
-
-
|
74
|
-
INSIST(sock->pending_recv == 1);
|
75
|
-
sock->pending_recv = 0;
|
76
|
-
|
77
|
-
INSIST(sock->references > 0);
|
78
|
-
sock->references--; /* the internal event is done with this socket */
|
79
|
-
- if (sock->references == 0) {
|
80
|
-
- UNLOCK(&sock->lock);
|
81
|
-
- destroy(&sock);
|
82
|
-
+ if (sock->references == 0)
|
83
|
-
return;
|
84
|
-
- }
|
85
|
-
|
86
|
-
/*
|
87
|
-
* Try to do as much I/O as possible on this socket. There are no
|
88
|
-
@@ -2289,7 +2284,6 @@ internal_recv(isc_task_t *me, isc_event_
|
89
|
-
if (!ISC_LIST_EMPTY(sock->recv_list))
|
90
|
-
select_poke(sock->manager, sock->fd, SELECT_POKE_READ);
|
91
|
-
|
92
|
-
- UNLOCK(&sock->lock);
|
93
|
-
}
|
94
|
-
|
95
|
-
static void
|
96
|
-
@@ -2388,7 +2382,7 @@ internal_fdwatch_write(isc_task_t *me, i
|
97
|
-
}
|
98
|
-
|
99
|
-
static void
|
100
|
-
-internal_fdwatch_read(isc_task_t *me, isc_event_t *ev) {
|
101
|
-
+internal_fdwatch_read(isc_event_t *ev) {
|
102
|
-
isc_socket_t *sock;
|
103
|
-
int more_data;
|
104
|
-
|
105
|
-
@@ -2400,31 +2394,19 @@ internal_fdwatch_read(isc_task_t *me, is
|
106
|
-
sock = (isc_socket_t *)ev->ev_sender;
|
107
|
-
INSIST(VALID_SOCKET(sock));
|
108
|
-
|
109
|
-
- LOCK(&sock->lock);
|
110
|
-
- socket_log(sock, NULL, IOEVENT,
|
111
|
-
- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV,
|
112
|
-
- "internal_fdwatch_read: task %p got event %p", me, ev);
|
113
|
-
-
|
114
|
-
INSIST(sock->pending_recv == 1);
|
115
|
-
|
116
|
-
- UNLOCK(&sock->lock);
|
117
|
-
- more_data = (sock->fdwatchcb)(me, sock, sock->fdwatcharg);
|
118
|
-
- LOCK(&sock->lock);
|
119
|
-
+ INSIST(0); /* We should not be here */
|
120
|
-
|
121
|
-
sock->pending_recv = 0;
|
122
|
-
|
123
|
-
INSIST(sock->references > 0);
|
124
|
-
sock->references--; /* the internal event is done with this socket */
|
125
|
-
- if (sock->references == 0) {
|
126
|
-
- UNLOCK(&sock->lock);
|
127
|
-
- destroy(&sock);
|
128
|
-
+ if (sock->references == 0)
|
129
|
-
return;
|
130
|
-
- }
|
131
|
-
|
132
|
-
if (more_data)
|
133
|
-
select_poke(sock->manager, sock->fd, SELECT_POKE_READ);
|
134
|
-
-
|
135
|
-
- UNLOCK(&sock->lock);
|
136
|
-
}
|
137
|
-
|
138
|
-
static void
|
139
|
-
@@ -2434,6 +2416,7 @@ process_fds(isc_socketmgr_t *manager, in
|
140
|
-
int i;
|
141
|
-
isc_socket_t *sock;
|
142
|
-
isc_boolean_t unlock_sock;
|
143
|
-
+ isc_boolean_t destroy_sock;
|
144
|
-
|
145
|
-
REQUIRE(maxfd <= (int)FD_SETSIZE);
|
146
|
-
|
147
|
-
@@ -2462,6 +2445,7 @@ process_fds(isc_socketmgr_t *manager, in
|
148
|
-
|
149
|
-
sock = manager->fds[i];
|
150
|
-
unlock_sock = ISC_FALSE;
|
151
|
-
+ destroy_sock = ISC_FALSE;
|
152
|
-
if (FD_ISSET(i, readfds)) {
|
153
|
-
if (sock == NULL) {
|
154
|
-
FD_CLR(i, &manager->read_fds);
|
155
|
-
@@ -2473,7 +2457,7 @@ process_fds(isc_socketmgr_t *manager, in
|
156
|
-
if (sock->listener)
|
157
|
-
dispatch_accept(sock);
|
158
|
-
else
|
159
|
-
- dispatch_recv(sock);
|
160
|
-
+ destroy_sock = dispatch_recv(sock);
|
161
|
-
}
|
162
|
-
FD_CLR(i, &manager->read_fds);
|
163
|
-
}
|
164
|
-
@@ -2497,6 +2481,8 @@ process_fds(isc_socketmgr_t *manager, in
|
165
|
-
}
|
166
|
-
if (unlock_sock)
|
167
|
-
UNLOCK(&sock->lock);
|
168
|
-
+ if (destroy_sock)
|
169
|
-
+ destroy(&sock);
|
170
|
-
}
|
171
|
-
}
|
172
|
-
|
@@ -2,6 +2,8 @@
|
|
2
2
|
# Red Hat BIND package .spec file
|
3
3
|
#
|
4
4
|
|
5
|
+
%define PREVER b1
|
6
|
+
|
5
7
|
%{?!SDB: %define SDB 1}
|
6
8
|
%{?!LIBBIND: %define LIBBIND 1}
|
7
9
|
%{?!test: %define test 0}
|
@@ -15,14 +17,14 @@
|
|
15
17
|
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
|
16
18
|
Name: bind
|
17
19
|
License: ISC
|
18
|
-
Version: 9.5.
|
19
|
-
Release:
|
20
|
+
Version: 9.5.1
|
21
|
+
Release: 0.1.%{PREVER}%{?dist}
|
20
22
|
Epoch: 32
|
21
23
|
Url: http://www.isc.org/products/BIND/
|
22
24
|
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
23
25
|
Group: System Environment/Daemons
|
24
26
|
#
|
25
|
-
Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}.tar.gz
|
27
|
+
Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}%{PREVER}.tar.gz
|
26
28
|
Source1: named.sysconfig
|
27
29
|
Source2: named.init
|
28
30
|
Source3: named.logrotate
|
@@ -54,7 +56,6 @@ Patch63: bind-9.4.0-dnssec-directory.patch
|
|
54
56
|
Patch71: bind-9.5-overflow.patch
|
55
57
|
Patch72: bind-9.5-dlz-64bit.patch
|
56
58
|
Patch87: bind-9.5-parallel-build.patch
|
57
|
-
Patch89: bind-9.5-recv-race.patch
|
58
59
|
Patch90: bind-9.5-edns.patch
|
59
60
|
Patch91: bind95-rh450995.patch
|
60
61
|
|
@@ -173,7 +174,7 @@ chroot(2) jail for the named(8) program from the BIND package.
|
|
173
174
|
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz>
|
174
175
|
|
175
176
|
%prep
|
176
|
-
%setup -q
|
177
|
+
%setup -q -n %{name}-%{version}%{PREVER}
|
177
178
|
|
178
179
|
# Common patches
|
179
180
|
%patch -p1 -b .varrun
|
@@ -237,7 +238,6 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named
|
|
237
238
|
%patch83 -p1 -b .libidn2
|
238
239
|
%patch85 -p1 -b .libidn3
|
239
240
|
%patch87 -p1 -b .parallel
|
240
|
-
%patch89 -p1 -b .recv-race
|
241
241
|
%patch90 -p1 -b .edns
|
242
242
|
%patch91 -p1 -b .rh450995
|
243
243
|
:;
|
@@ -636,6 +636,10 @@ rm -rf ${RPM_BUILD_ROOT}
|
|
636
636
|
%{_sbindir}/bind-chroot-admin
|
637
637
|
|
638
638
|
%changelog
|
639
|
+
* Tue Jul 08 2008 Adam Tkac <atkac redhat com> 32:9.5.1-0.1.b1
|
640
|
+
- 9.5.1b1 release (CVE-2008-1447)
|
641
|
+
- dropped bind-9.5-recv-race.patch because upstream doesn't want it
|
642
|
+
|
639
643
|
* Mon Jun 30 2008 Adam Tkac <atkac redhat com> 32:9.5.0-37.1
|
640
644
|
- update default named.conf statements (#452708)
|
641
645
|
|
@@ -1,4 +1,4 @@
|
|
1
1
|
4faa4395b955e5f8a3d50f308b9fabc8 bind-chroot.tar.bz2
|
2
2
|
de68e10e91e05ab100be879b5bcaa6cb config-4.tar.bz2
|
3
3
|
13fef79f99fcefebb51d84b08805de51 libbind-man.tar.gz
|
4
|
-
|
4
|
+
bbd52aadb39f76b50e8413fa165f805e bind-9.5.1b1.tar.gz
|