equal
deleted
inserted
replaced
|
1 This patch was derived from a source code patch provided by ISC to |
|
2 resolve ISC ticket RT #43548. [9.6-ESV-R11-S10] |
|
3 |
|
4 --- old/./CHANGES Wed Jan 11 23:22:41 2017 |
|
5 +++ new/./CHANGES Wed Jan 11 23:22:41 2017 |
|
6 @@ -1,5 +1,10 @@ |
|
7 --- 9.6-ESV-R11-S10 released --- |
|
8 |
|
9 +4510. [security] Named mishandled some responses where covering RRSIG |
|
10 + records are returned without the requested data |
|
11 + resulting in a assertion failure. (CVE-2016-9147) |
|
12 + [RT #43548] |
|
13 + |
|
14 4508. [security] Named incorrectly tried to cache TKEY records which |
|
15 could trigger a assertion failure when there was |
|
16 a class mismatch. (CVE-2016-9131) [RT #43522] |
|
17 --- old/lib/dns/resolver.c Wed Jan 11 23:22:41 2017 |
|
18 +++ new/lib/dns/resolver.c Wed Jan 11 23:22:41 2017 |
|
19 @@ -5958,15 +5958,19 @@ |
|
20 * a CNAME or DNAME). |
|
21 */ |
|
22 INSIST(!external); |
|
23 - if ((rdataset->type != |
|
24 - dns_rdatatype_cname) || |
|
25 - !found_dname || |
|
26 - (aflag == |
|
27 - DNS_RDATASETATTR_ANSWER)) |
|
28 + /* |
|
29 + * Don't use found_cname here |
|
30 + * as we have just set it |
|
31 + * above. |
|
32 + */ |
|
33 + if (cname == NULL && |
|
34 + !found_dname && |
|
35 + aflag == |
|
36 + DNS_RDATASETATTR_ANSWER) |
|
37 { |
|
38 have_answer = ISC_TRUE; |
|
39 - if (rdataset->type == |
|
40 - dns_rdatatype_cname) |
|
41 + if (found_cname && |
|
42 + cname == NULL) |
|
43 cname = name; |
|
44 name->attributes |= |
|
45 DNS_NAMEATTR_ANSWER; |