equal
deleted
inserted
replaced
|
1 This patch was obtained from ISC for 9.6-ESV-R11-P2. The patch can |
|
2 only be obtained from [email protected] on an as needed |
|
3 basis. |
|
4 |
|
5 --- a/CHANGES Thu Jul 23 10:45:58 2015 |
|
6 +++ b/CHANGES Thu Jul 23 10:45:58 2015 |
|
7 @@ -1,3 +1,9 @@ |
|
8 + --- 9.6-ESV-R11-P2 released --- |
|
9 + |
|
10 +4165. [security] A failure to reset a value to NULL in tkey.c could |
|
11 + result in an assertion failure. (CVE-2015-5477) |
|
12 + [RT #40046] |
|
13 + |
|
14 --- 9.6-ESV-R11-P1 released --- |
|
15 |
|
16 4006. [security] A flaw in delegation handling could be exploited |
|
17 diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c |
|
18 index 66210d5..34ad90b 100644 |
|
19 --- a/lib/dns/tkey.c |
|
20 +++ b/lib/dns/tkey.c |
|
21 @@ -654,6 +654,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, |
|
22 * Try the answer section, since that's where Win2000 |
|
23 * puts it. |
|
24 */ |
|
25 + name = NULL; |
|
26 if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname, |
|
27 dns_rdatatype_tkey, 0, &name, |
|
28 &tkeyset) != ISC_R_SUCCESS) { |
|
29 diff --git version version |
|
30 index 1be3c16..2058444 100644 |
|
31 --- a/version |
|
32 +++ b/version |
|
33 @@ -10,4 +10,4 @@ MINORVER=6 |
|
34 PATCHVER= |
|
35 RELEASETYPE=-ESV |
|
36 RELEASEVER=-R11 |
|
37 -EXTENSIONS=-P1 |
|
38 +EXTENSIONS=-P2 |