cvs commit: src/lib/libisc Makefile dns,resolver.c.patch

Simon Schubert corecode at crater.dragonflybsd.org
Thu Sep 7 03:09:05 PDT 2006


corecode    2006/09/07 03:06:06 PDT

DragonFly src repository

  Modified files:        (Branch: DragonFly_RELEASE_1_6)
    lib/libisc           Makefile 
  Added files:           (Branch: DragonFly_RELEASE_1_6)
    lib/libisc           dns,resolver.c.patch 
  Log:
  Fix CERT Vulnerability Note VU#697164:
  
  "A flaw exists in the way that some versions of BIND handle recursive queries.
  It is possible for a remote attacker to trigger an INSIST failure by sending
  enough recursive queries that the response to the query arrives after all the
  clients looking for the response have left the recursion queue.
  
  Note that although BIND versions 9.2.x also contain the underlying flaw that
  causes this vulnerability, ISC reports that the vulnerability is not exposed by
  these versions."
  
  Nevertheless, import the patch from ISC BIND 9.2.6-P1
  
  Revision  Changes    Path
  1.7.4.1   +4 -0      src/lib/libisc/Makefile


http://www.dragonflybsd.org/cvsweb/src/lib/libisc/Makefile.diff?r1=1.7&r2=1.7.4.1&f=u





More information about the Commits mailing list