Hello community,
here is the log from the commit of package pdns
checked in at Wed Nov 15 00:51:44 CET 2006.
--------
--- pdns/pdns.changes 2006-10-23 18:26:17.000000000 +0200
+++ /mounts/work_src_done/STABLE/pdns/pdns.changes 2006-11-13 16:16:18.000000000 +0100
@@ -1,0 +2,12 @@
+Mon Nov 13 16:11:47 CET 2006 - mrueckert@suse.de
+
+- added pdns-2.9.20_2006-02.patch:
+ fix an endless recursion in CNAME handling [#219355]
+
+-------------------------------------------------------------------
+Sat Nov 11 22:52:52 CET 2006 - mrueckert@suse.de
+
+- added pdns-2.9.17_cve-2006-4251.patch:
+ fix a stack corruption with malformed packages [#219355]
+
+-------------------------------------------------------------------
New:
----
pdns-2.9.17_cve-2006-4251.patch
pdns-2.9.20_2006-02.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pdns.spec ++++++
--- /var/tmp/diff_new_pack.B7FLgY/_old 2006-11-15 00:51:08.000000000 +0100
+++ /var/tmp/diff_new_pack.B7FLgY/_new 2006-11-15 00:51:08.000000000 +0100
@@ -12,10 +12,10 @@
Name: pdns
Version: 2.9.20
-Release: 1
+Release: 9
#
Group: Productivity/Networking/DNS/Servers
-License: GNU General Public License (GPL) - all versions
+License: GNU General Public License (GPL)
#
%define home %{_var}/lib/pdns
%define _localstatedir %{_var}/run/pdns
@@ -45,6 +45,8 @@
Source2: README.opendbx
Patch1: http://www.linuxnetworks.de/pdnsodbx/download/opendbxbackend_2.9.20-3.diff
%endif
+Patch2: pdns-2.9.17_cve-2006-4251.patch
+Patch4: pdns-2.9.20_2006-02.patch
#
Summary: Modern, advanced and high performance authoritative-only nameserver
@@ -202,6 +204,8 @@
%patch1 -p1
%{__cp} %{S:2} README.opendbx
%endif
+%patch2
+%patch4
%build
export CFLAGS="%{optflags} -DLDAP_DEPRECATED"
@@ -318,6 +322,12 @@
%endif
%changelog -n pdns
+* Mon Nov 13 2006 - mrueckert@suse.de
+- added pdns-2.9.20_2006-02.patch:
+ fix an endless recursion in CNAME handling [#219355]
+* Sat Nov 11 2006 - mrueckert@suse.de
+- added pdns-2.9.17_cve-2006-4251.patch:
+ fix a stack corruption with malformed packages [#219355]
* Thu Oct 19 2006 - mrueckert@suse.de
- this is a sync to the buildservice package in server:dns:
- remove .la files
++++++ pdns-2.9.17_cve-2006-4251.patch ++++++
--- pdns/pdns_recursor.cc~orig 2006-11-11 21:59:06.000000000 +0100
+++ pdns/pdns_recursor.cc 2006-11-11 21:59:49.000000000 +0100
@@ -562,7 +562,7 @@
if(bytes==1)
i->state=TCPConnection::BYTE1;
if(bytes==2) {
- i->qlen=(i->data[0]<<8)+i->data[1];
+ i->qlen=(((unsigned char)i->data[0]<<8)) + (unsigned char)i->data[1];
i->bytesread=0;
i->state=TCPConnection::GETQUESTION;
}
@@ -576,7 +576,7 @@
int bytes=read(i->fd,i->data+1,1);
if(bytes==1) {
i->state=TCPConnection::GETQUESTION;
- i->qlen=(i->data[0]<<8)+i->data[1];
+ i->qlen=(((unsigned char)i->data[0]<<8)) + (unsigned char)i->data[1];
i->bytesread=0;
}
if(!bytes || bytes < 0) {
++++++ pdns-2.9.20_2006-02.patch ++++++
Index: pdns/syncres.cc
===================================================================
--- pdns/syncres.cc (revision 901)
+++ pdns/syncres.cc (revision 919)
@@ -17,4 +17,5 @@
*/
+#include