25371178 Upgrade Solaris to BIND 9.6-ESV-R11-S10
25360334 problem in SERVICE/DNS-SERVER
25382925 ISC's change 4489 broke the handling of CNAME -> DNAME in responses
This patch was derived from a source code patch provided by ISC to
resolve ISC ticket RT #43548. [9.6-ESV-R11-S10]
--- old/./CHANGES Wed Jan 11 23:22:41 2017
+++ new/./CHANGES Wed Jan 11 23:22:41 2017
@@ -1,5 +1,10 @@
--- 9.6-ESV-R11-S10 released ---
+4510. [security] Named mishandled some responses where covering RRSIG
+ records are returned without the requested data
+ resulting in a assertion failure. (CVE-2016-9147)
+ [RT #43548]
+
4508. [security] Named incorrectly tried to cache TKEY records which
could trigger a assertion failure when there was
a class mismatch. (CVE-2016-9131) [RT #43522]
--- old/lib/dns/resolver.c Wed Jan 11 23:22:41 2017
+++ new/lib/dns/resolver.c Wed Jan 11 23:22:41 2017
@@ -5958,15 +5958,19 @@
* a CNAME or DNAME).
*/
INSIST(!external);
- if ((rdataset->type !=
- dns_rdatatype_cname) ||
- !found_dname ||
- (aflag ==
- DNS_RDATASETATTR_ANSWER))
+ /*
+ * Don't use found_cname here
+ * as we have just set it
+ * above.
+ */
+ if (cname == NULL &&
+ !found_dname &&
+ aflag ==
+ DNS_RDATASETATTR_ANSWER)
{
have_answer = ISC_TRUE;
- if (rdataset->type ==
- dns_rdatatype_cname)
+ if (found_cname &&
+ cname == NULL)
cname = name;
name->attributes |=
DNS_NAMEATTR_ANSWER;