Hello community, here is the log from the commit of package pdns checked in at Wed May 10 12:18:08 CEST 2006. -------- --- pdns/pdns.changes 2006-01-25 21:39:24.000000000 +0100 +++ STABLE/pdns/pdns.changes 2006-05-04 15:59:09.000000000 +0200 @@ -1,0 +2,5 @@ +Thu May 4 15:57:55 CEST 2006 - nadvornik@suse.cz + +- fixed crash on malformed packets CVE-2006-2069 [#170542] + +------------------------------------------------------------------- New: ---- pdns-2.9.19-CVE-2006-2069.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pdns.spec ++++++ --- /var/tmp/diff_new_pack.zNsopv/_old 2006-05-10 12:17:57.000000000 +0200 +++ /var/tmp/diff_new_pack.zNsopv/_new 2006-05-10 12:17:57.000000000 +0200 @@ -1,11 +1,11 @@ # # spec file for package pdns (Version 2.9.19) # -# Copyright (c) 2005 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # -# Please submit bugfixes or comments via http://www.suse.de/feedback/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild @@ -13,7 +13,7 @@ Name: pdns BuildRequires: boost-devel docbook-toys docbook-utils docbook-xsl-stylesheets gcc-c++ mysql-devel openldap2 openldap2-devel Version: 2.9.19 -Release: 1 +Release: 13 Url: http://www.powerdns.com Group: Productivity/Networking/DNS/Servers License: GPL @@ -21,6 +21,7 @@ Source: %{name}-%{version}.tar.bz2 Source1: rcpdns Patch: pdns-%{version}-fix.patch +Patch2: pdns-%{version}-CVE-2006-2069.patch Autoreqprov: on PreReq: %insserv_prereq %fillup_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -40,6 +41,7 @@ %prep %setup %patch +%patch2 %build aclocal @@ -99,6 +101,8 @@ %doc /usr/share/man/man?/*.* %changelog -n pdns +* Thu May 04 2006 - nadvornik@suse.cz +- fixed crash on malformed packets CVE-2006-2069 [#170542] * Wed Jan 25 2006 - mls@suse.de - converted neededforbuild to BuildRequires * Tue Nov 01 2005 - nadvornik@suse.cz ++++++ pdns-2.9.19-CVE-2006-2069.patch ++++++ --- pdns/dnsparser.cc +++ pdns/dnsparser.cc @@ -215,7 +215,7 @@ bool MOADNSParser::getEDNSOpts(EDNSOpts* eo) { - if(d_header.arcount) { + if(d_header.arcount && !d_answers.empty()) { eo->d_packetsize=d_answers.back().first.d_class; struct Stuff { uint8_t extRCode, version; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...