3123. [security] Change #2912 exposed a latent flaw in

                        dns_rdataset_totext() that could cause named to
                        crash with an assertion failure. [RT #24777]

diff --git a/CHANGES b/CHANGES
index 144c4b6e658e829584e94a6694bebdda8e68355c..722260222550ff6ce861e675f3e5953d738fa059 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+3123.  [security]      Change #2912 exposed a latent flaw in
+                       dns_rdataset_totext() that could cause named to
+                       crash with an assertion failure. [RT #24777]
+
        --- 9.8.0-P2 released ---
 
 3121.   [security]      An authoritative name server sending a negative

diff --git a/lib/dns/message.c b/lib/dns/message.c
index 8eac143f52098a6d7086451a45cab72b7731ea29..48d64e851c4ca5f337d911d2a9b8ac9bdd799bf9 100644 (file)
--- a/lib/dns/message.c
+++ b/lib/dns/message.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: message.c,v 1.254 2010/06/03 05:23:27 marka Exp $ */
+/* $Id: message.c,v 1.254.186.1 2011/06/08 23:13:07 marka Exp $ */
 
 /*! \file */
 
@@ -2528,7 +2528,7 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) {
            msg->opcode != dns_opcode_notify)
                want_question_section = ISC_FALSE;
        if (msg->opcode == dns_opcode_update)
-               first_section = DNS_SECTION_ADDITIONAL;
+               first_section = DNS_SECTION_PREREQUISITE;
        else if (want_question_section) {
                if (!msg->question_ok)
                        return (DNS_R_FORMERR);