Репозитории ALT
| S: | 9.16.44-alt1 |
| 5.1: | 9.3.6-alt5 |
| 4.1: | 9.3.6-alt4.M41.2 |
| +updates: | 9.3.6-alt4.M41.1 |
| 4.0: | 9.3.6-alt4.M41.1 |
| +updates: | 9.3.6-alt4.M41.1 |
| 3.0: | 9.2.4.rel-alt2 |
Группа :: Система/Серверы
Пакет: bind
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: bind-9.3.6-up-CVE-2009-0696.patch
Скачать
Скачать
CVE-2009-0696: By sending a specially-crafted dynamic update packet to a
BIND 9 server, a remote, unauthenticated attacker can cause a denial of
service by causing BIND to crash.
--- bind/bin/named/update.c
+++ bind/bin/named/update.c
@@ -863,7 +863,11 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db,
if (type == dns_rdatatype_rrsig ||
type == dns_rdatatype_sig)
covers = dns_rdata_covers(&t->rdata);
- else
+ else if (type == dns_rdatatype_any) {+ dns_db_detachnode(db, &node);
+ dns_diff_clear(&trash);
+ return (DNS_R_NXRRSET);
+ } else
covers = 0;
/*