Oh dear.
Most of these issues are in the server, which is not used in IPFire, but I decided to pull this for Core Update 95.
-Michael
On Sat, 2015-11-07 at 07:33 +0100, Matthias Fischer wrote:
bind: Update to 9.10.3
Security fixes: An incorrect boundary check in the OPENPGPKEY rdatatype could trigger an assertion failure. This flaw is disclosed in CVE-2015-5986. [RT #40286]
A buffer accounting error could trigger an assertion failure when parsing certain malformed DNSSEC keys. This flaw was discovered by Hanno Böck of the Fuzzing Project, and is disclosed in CVE-2015-5722. [RT #40212]
A specially crafted query could trigger an assertion failure in message.c. This flaw was discovered by Jonathan Foote, and is disclosed in CVE -2015-5477. [RT #40046]
On servers configured to perform DNSSEC validation, an assertion failure could be triggered on answers from a specially configured server. This flaw was discovered by Breno Silveira Soares, and is disclosed in CVE-2015-4620. [RT #39795]
Bug fixes: Asynchronous zone loads were not handled correctly when the zone load was already in progress; this could trigger a crash in zt.c. [RT #37573]
A race during shutdown or reconfiguration could cause an assertion failure in mem.c. [RT #38979]
Some answer formatting options didn't work correctly with dig +short. [RT #39291]
Malformed records of some types, including NSAP and UNSPEC, could trigger assertion failures when loading text zone files. [RT #40274] [RT #40285]
Fixed a possible crash in ratelimiter.c caused by NOTIFY messages being removed from the wrong rate limiter queue. [RT #40350]
The default rrset-order of random was inconsistently applied. [RT #40456]
BADVERS responses from broken authoritative name servers were not handled correctly. [RT #40427]
Several bugs have been fixed in the RPZ implementation.
For a complete list, see: https://kb.isc.org/article/AA-01306/0/BIND-9.10.3-Release-Notes.html
Regards, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org
lfs/bind | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/bind b/lfs/bind index 0814cde..6480798 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@
include Config
-VER = 9.10.2-P4 +VER = 9.10.3
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8b1f5064837756c938eadc1537dec5c7 +$(DL_FILE)_MD5 = d8cbf04a62a139a841d4bf878087a555
install : $(TARGET)