From 9f77a92add7cb85d4de18bf2da7dadffe4bc866f Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jul 11 2019 09:09:47 +0000 Subject: import bind-9.11.4-17.P2.el8_0.1 --- diff --git a/SOURCES/bind-9.11-CVE-2019-6471.patch b/SOURCES/bind-9.11-CVE-2019-6471.patch new file mode 100644 index 0000000..64f86d5 --- /dev/null +++ b/SOURCES/bind-9.11-CVE-2019-6471.patch @@ -0,0 +1,48 @@ +From 66c074b707318005d50f14910678ba451877a7a6 Mon Sep 17 00:00:00 2001 +From: Petr Mensik +Date: Wed, 19 Jun 2019 12:28:08 +0200 +Subject: [PATCH] Fix CVE-2019-6471 + +5244. [security] Fixed a race condition in dns_dispatch_getnext() + that could cause an assertion failure if a + significant number of incoming packets were + rejected. (CVE-2019-6471) [GL #942] +--- + lib/dns/dispatch.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c +index 321459ebcb..ae5c9c0fc7 100644 +--- a/lib/dns/dispatch.c ++++ b/lib/dns/dispatch.c +@@ -3419,13 +3419,14 @@ dns_dispatch_getnext(dns_dispentry_t *resp, dns_dispatchevent_t **sockevent) { + disp = resp->disp; + REQUIRE(VALID_DISPATCH(disp)); + +- REQUIRE(resp->item_out == ISC_TRUE); +- resp->item_out = ISC_FALSE; +- + ev = *sockevent; + *sockevent = NULL; + + LOCK(&disp->lock); ++ ++ REQUIRE(resp->item_out == ISC_TRUE); ++ resp->item_out = ISC_FALSE; ++ + if (ev->buffer.base != NULL) + free_buffer(disp, ev->buffer.base, ev->buffer.length); + free_devent(disp, ev); +@@ -3570,6 +3571,9 @@ dns_dispatch_removeresponse(dns_dispentry_t **resp, + isc_task_send(disp->task[0], &disp->ctlevent); + } + ++/* ++ * disp must be locked. ++ */ + static void + do_cancel(dns_dispatch_t *disp) { + dns_dispatchevent_t *ev; +-- +2.20.1 + diff --git a/SPECS/bind.spec b/SPECS/bind.spec index 5654127..56108fc 100644 --- a/SPECS/bind.spec +++ b/SPECS/bind.spec @@ -53,7 +53,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.11.4 -Release: 17%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Release: 17%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}.1 Epoch: 32 Url: http://www.isc.org/products/BIND/ # @@ -124,6 +124,7 @@ Patch160:bind-9.11-CVE-2018-5744.patch Patch161:bind-9.11-CVE-2018-5744-test.patch Patch162:bind-9.11-CVE-2018-5743.patch Patch163:bind-9.11-CVE-2018-5743-atomic.patch +Patch164:bind-9.11-CVE-2019-6471.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -461,6 +462,7 @@ are used for building ISC DHCP. %patch161 -p1 -b .CVE-2018-5744-test %patch162 -p1 -b .CVE-2018-5743 %patch163 -p1 -b .CVE-2018-5743-atomic +%patch164 -p1 -b .CVE-2019-6471 %if %{with PKCS11} cp -r bin/named{,-pkcs11} @@ -1430,6 +1432,9 @@ rm -rf ${RPM_BUILD_ROOT} %changelog +* Wed Jun 19 2019 Petr Menšík - 32:9.11.4-17.P2.1 +- Fix CVE-2019-6471 + * Wed Apr 24 2019 Petr Menšík - 32:9.11.4-17.P2 - Fix inefective limit of TCP clients (CVE-2018-5743)