Message ID | 1441370392-9334-1-git-send-email-gustavo@zacarias.com.ar |
---|---|
State | Accepted |
Commit | 38d1a66bda57cb4c47156021ee976c2583b55822 |
Headers | show |
Dear Gustavo Zacarias, On 09/04/2015 01:39 PM, Gustavo Zacarias wrote: > Fixes: > CVE-2015-5722 - denial-of-service vector which can be exploited remotely > against a BIND server that is performing validation on DNSSEC-signed > records. > CVE-2015-5986 - denial-of-service vector which can be used against a > BIND server that is performing recursion and (under limited conditions) > an authoritative-only nameserver. > > Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> > --- > package/bind/bind.hash | 4 ++-- > package/bind/bind.mk | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/package/bind/bind.hash b/package/bind/bind.hash > index 6bc2d1b..4c9fc40 100644 > --- a/package/bind/bind.hash > +++ b/package/bind/bind.hash > @@ -1,2 +1,2 @@ > -# Verified from ftp://ftp.isc.org/isc/bind9/9.9.7-P2/bind-9.9.7-P2.tar.gz.sha256.asc > -sha256 f5f433567e5f68d61460d86f691471259a49b6d10d7422acbd88b7fdb038b518 bind-9.9.7-P2.tar.gz > +# Verified from ftp://ftp.isc.org/isc/bind9/9.9.7-P3/bind-9.9.7-P3.tar.gz.sha256.asc > +sha256 cb737dce18350890f350dd7d3bc836c62ea440103dfde184c09bc18cfad8a844 bind-9.9.7-P3.tar.gz > diff --git a/package/bind/bind.mk b/package/bind/bind.mk > index 6201991..95051d1 100644 > --- a/package/bind/bind.mk > +++ b/package/bind/bind.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -BIND_VERSION = 9.9.7-P2 > +BIND_VERSION = 9.9.7-P3 > BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION) > BIND_INSTALL_STAGING = YES > BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh > Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Compile test for MIPS architecture: $ grep ^BIND_VERSION package/bind/bind.mk BIND_VERSION = 9.9.7-P3 $ file output/target/usr/sbin/named output/target/usr/sbin/named: ELF 32-bit MSB executable, MIPS, MIPS32 rel2 version 1, dynamically linked (uses shared libs), for GNU/Linux 2.6.32, with unknown capability 0x41000000 = 0xf676e75, with unknown capability 0x10000 = 0x70401, not stripped Regards, Vincent.
>>>>> "Gustavo" == Gustavo Zacarias <gustavo@zacarias.com.ar> writes: > Fixes: > CVE-2015-5722 - denial-of-service vector which can be exploited remotely > against a BIND server that is performing validation on DNSSEC-signed > records. > CVE-2015-5986 - denial-of-service vector which can be used against a > BIND server that is performing recursion and (under limited conditions) > an authoritative-only nameserver. > Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Committed, thanks.
diff --git a/package/bind/bind.hash b/package/bind/bind.hash index 6bc2d1b..4c9fc40 100644 --- a/package/bind/bind.hash +++ b/package/bind/bind.hash @@ -1,2 +1,2 @@ -# Verified from ftp://ftp.isc.org/isc/bind9/9.9.7-P2/bind-9.9.7-P2.tar.gz.sha256.asc -sha256 f5f433567e5f68d61460d86f691471259a49b6d10d7422acbd88b7fdb038b518 bind-9.9.7-P2.tar.gz +# Verified from ftp://ftp.isc.org/isc/bind9/9.9.7-P3/bind-9.9.7-P3.tar.gz.sha256.asc +sha256 cb737dce18350890f350dd7d3bc836c62ea440103dfde184c09bc18cfad8a844 bind-9.9.7-P3.tar.gz diff --git a/package/bind/bind.mk b/package/bind/bind.mk index 6201991..95051d1 100644 --- a/package/bind/bind.mk +++ b/package/bind/bind.mk @@ -4,7 +4,7 @@ # ################################################################################ -BIND_VERSION = 9.9.7-P2 +BIND_VERSION = 9.9.7-P3 BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION) BIND_INSTALL_STAGING = YES BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh
Fixes: CVE-2015-5722 - denial-of-service vector which can be exploited remotely against a BIND server that is performing validation on DNSSEC-signed records. CVE-2015-5986 - denial-of-service vector which can be used against a BIND server that is performing recursion and (under limited conditions) an authoritative-only nameserver. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> --- package/bind/bind.hash | 4 ++-- package/bind/bind.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)