Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/bind/patches/002-RT40046.patch
author pkidd <patrick.kidd@oracle.com>
Wed, 17 Feb 2016 12:41:40 -0800
branchs11u3-sru
changeset 5466 9e19ac095ef2
parent 4708 038a91551a91
permissions -rw-r--r--
build metadata for S11.3SRU6.2

This patch was obtained from ISC for 9.6-ESV-R11-P2. The patch can
only be obtained from [email protected] on an as needed
basis.

--- a/CHANGES	Thu Jul 23 10:45:58 2015
+++ b/CHANGES	Thu Jul 23 10:45:58 2015
@@ -1,3 +1,9 @@
+	--- 9.6-ESV-R11-P2 released ---
+
+4165.	[security]	A failure to reset a value to NULL in tkey.c could
+			result in an assertion failure. (CVE-2015-5477)
+			[RT #40046]
+
 	--- 9.6-ESV-R11-P1 released ---
 
 4006.	[security]	A flaw in delegation handling could be exploited
diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c
index 66210d5..34ad90b 100644
--- a/lib/dns/tkey.c
+++ b/lib/dns/tkey.c
@@ -654,6 +654,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
 		 * Try the answer section, since that's where Win2000
 		 * puts it.
 		 */
+		name = NULL;
 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
 					 dns_rdatatype_tkey, 0, &name,
 					 &tkeyset) != ISC_R_SUCCESS) {
diff --git version version
index 1be3c16..2058444 100644
--- a/version
+++ b/version
@@ -10,4 +10,4 @@ MINORVER=6
 PATCHVER=
 RELEASETYPE=-ESV
 RELEASEVER=-R11
-EXTENSIONS=-P1
+EXTENSIONS=-P2
upstream/oracle/userland-gate