From: Evan Hunt Date: Wed, 8 Jun 2011 22:07:11 +0000 (+0000) Subject: patch security flaw [rt24777], and prepare release of 9.7.3-P2 X-Git-Tag: v9.7.3-P2~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f6d19bf03c89b6325957ce4cb9650f3a637d39f5;p=thirdparty%2Fbind9.git patch security flaw [rt24777], and prepare release of 9.7.3-P2 --- diff --git a/CHANGES b/CHANGES index 259e5084b16..e4d20884d5e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,9 @@ + --- 9.7.3-P2 released --- + +3123. [security] Change #2912 exposed a latent flaw in + dns_rdataset_totext() that could cause named to + crash with an assertion failure. [RT #24777] + --- 9.7.3-P1 released --- 3121. [security] An authoritative name server sending a negative diff --git a/lib/dns/message.c b/lib/dns/message.c index 5e06ffb1017..073ccfcd81a 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.249.10.4 2010/06/03 05:27:59 marka Exp $ */ +/* $Id: message.c,v 1.249.10.4.36.1 2011/06/08 22:07:11 each Exp $ */ /*! \file */ @@ -2528,7 +2528,7 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { msg->opcode != dns_opcode_notify) want_question_section = ISC_FALSE; if (msg->opcode == dns_opcode_update) - first_section = DNS_SECTION_ADDITIONAL; + first_section = DNS_SECTION_PREREQUISITE; else if (want_question_section) { if (!msg->question_ok) return (DNS_R_FORMERR); diff --git a/version b/version index fd92c95009f..489fdeb3aea 100644 --- a/version +++ b/version @@ -1,4 +1,4 @@ -# $Id: version,v 1.51.2.11.12.1 2011/05/27 00:43:04 each Exp $ +# $Id: version,v 1.51.2.11.12.2 2011/06/08 22:07:10 each Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=7 PATCHVER=3 RELEASETYPE=-P -RELEASEVER=1 +RELEASEVER=2