From: Evan Hunt Date: Wed, 6 Mar 2013 16:49:27 +0000 (-0800) Subject: [v9_8_4_patch] spin 9.8.4-P2, disabling regex.h X-Git-Tag: v9.8.4-P2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=34d26dbde3a43d7b1e91183178823368c7ad8dd8;p=thirdparty%2Fbind9.git [v9_8_4_patch] spin 9.8.4-P2, disabling regex.h 3516. [security] Removed the check for regex.h in configure in order to disable regex syntax checking, as it exposes BIND to a critical flaw in libregex on some platforms. [RT #32688] --- diff --git a/CHANGES b/CHANGES index 6d1ee310999..bd064e5ff98 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,10 @@ + --- 9.8.4-P2 released --- + +3516. [security] Removed the check for regex.h in configure in order + to disable regex syntax checking, as it exposes + BIND to a critical flaw in libregex on some + platforms. [RT #32688] + --- 9.8.4-P1 released --- 3407. [security] Named could die on specific queries with dns64 enabled. diff --git a/config.h.in b/config.h.in index e2f5999dabc..42d7a21fa5f 100644 --- a/config.h.in +++ b/config.h.in @@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int *sig); /* Define if your OpenSSL version supports GOST. */ #undef HAVE_OPENSSL_GOST -/* Define to 1 if you have the header file. */ -#undef HAVE_REGEX_H - /* Define to 1 if you have the `setegid' function. */ #undef HAVE_SETEGID diff --git a/configure.in b/configure.in index a0ec70020cc..0567addc186 100644 --- a/configure.in +++ b/configure.in @@ -298,7 +298,7 @@ esac AC_HEADER_STDC -AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, +AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, [$ac_includes_default #ifdef HAVE_SYS_PARAM_H # include diff --git a/version b/version index 1090bee28ce..da686fa0a2d 100644 --- a/version +++ b/version @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=8 PATCHVER=4 RELEASETYPE=-P -RELEASEVER=1 +RELEASEVER=2