From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] bind: Update to 9.11.28
Date: Fri, 19 Feb 2021 18:44:27 +0100 [thread overview]
Message-ID: <20210219174427.1221-1-matthias.fischer@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 2684 bytes --]
For details see:
https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html
"Notes for BIND 9.11.28
Security Fixes
When tkey-gssapi-keytab or tkey-gssapi-credential was configured,
a specially crafted GSS-TSIG query could cause a buffer overflow in the
ISC implementation of SPNEGO (a protocol enabling negotiation of the
security mechanism to use for GSSAPI authentication). This flaw could
be exploited to crash named. Theoretically, it also enabled remote code
execution, but achieving the latter is very difficult in real-world
conditions. (CVE-2020-8625)
This vulnerability was responsibly reported to us as ZDI-CAN-12302
by Trend Micro Zero Day Initiative. [GL #2354]"
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
config/rootfiles/common/bind | 6 +++---
lfs/bind | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index d18332bf4..c3235bb8f 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -272,12 +272,12 @@ usr/lib/libbind9.so.161
usr/lib/libbind9.so.161.0.4
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libdns.so.1112
-usr/lib/libdns.so.1112.0.2
+usr/lib/libdns.so.1113
+usr/lib/libdns.so.1113.0.1
#usr/lib/libisc.la
#usr/lib/libisc.so
usr/lib/libisc.so.1107
-usr/lib/libisc.so.1107.0.4
+usr/lib/libisc.so.1107.0.5
#usr/lib/libisccc.la
#usr/lib/libisccc.so
usr/lib/libisccc.so.161
diff --git a/lfs/bind b/lfs/bind
index 0069fea59..3047ac83e 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2021 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -25,7 +25,7 @@
include Config
-VER = 9.11.26
+VER = 9.11.28
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1e5fb81b0ef562d32a19e579c0183f1a
+$(DL_FILE)_MD5 = 59aa4d7be438b2c8103811d18f318c82
install : $(TARGET)
--
2.18.0
reply other threads:[~2021-02-19 17:44 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210219174427.1221-1-matthias.fischer@ipfire.org \
--to=matthias.fischer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox