From patchwork Fri Jan 22 12:28:11 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gustavo Zacarias <gustavo@zacarias.com.ar>
X-Patchwork-Id: 571670
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
	by ozlabs.org (Postfix) with ESMTP id 2D14914031D
	for <incoming@patchwork.ozlabs.org>;
	Fri, 22 Jan 2016 23:28:25 +1100 (AEDT)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=zacarias.com.ar header.i=@zacarias.com.ar
	header.b=Kr/MOJnn; dkim-atps=neutral
Received: from localhost (localhost [127.0.0.1])
	by hemlock.osuosl.org (Postfix) with ESMTP id 6D77F9482B;
	Fri, 22 Jan 2016 12:28:24 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id iEvkGVudnPFf; Fri, 22 Jan 2016 12:28:22 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by hemlock.osuosl.org (Postfix) with ESMTP id 8DB97938EC;
	Fri, 22 Jan 2016 12:28:22 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id F13FA1C2D87
	for <buildroot@lists.busybox.net>;
	Fri, 22 Jan 2016 12:28:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id B37748C055
	for <buildroot@lists.busybox.net>;
	Fri, 22 Jan 2016 12:28:20 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Ty5zqX54tt-c for <buildroot@lists.busybox.net>;
	Fri, 22 Jan 2016 12:28:18 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from www.zacarias.com.ar (www.zacarias.com.ar [176.9.42.171])
	by whitealder.osuosl.org (Postfix) with ESMTPS id E6DCE8C01C
	for <buildroot@busybox.net>; Fri, 22 Jan 2016 12:28:17 +0000 (UTC)
Received: from asgard (cpe-181-46-100-24.telecentro-reversos.com.ar
	[181.46.100.24] (may be forged)) (authenticated bits=0)
	by www.zacarias.com.ar (8.15.1/8.15.1) with ESMTPSA id u0MCSCpT019632
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
	Fri, 22 Jan 2016 12:28:14 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zacarias.com.ar;
	s=dkey; t=1453465696;
	bh=XYaiagtJExjWcW4PLGP7CvOj9X+g0BEySuxDcez4Gjo=;
	h=From:To:Cc:Subject:Date;
	b=Kr/MOJnn4oxwKVTq8XzERIJrKy20wRrogys6t6yET24FPd4i8m3svCwQSgGaPy01J
	1e6eVzn/HZcAAqG9xW/oOKwf3lw8FdZzu3nLb6Te/ScqH3IxpS/6XhxB3XNcLolb6z
	0su+aEHGHldPV5VVxQFifFdBYWDjkHsk6TMv9evg=
Received: by asgard (sSMTP sendmail emulation);
	Fri, 22 Jan 2016 09:28:11 -0300
From: Gustavo Zacarias <gustavo@zacarias.com.ar>
To: buildroot@busybox.net
Date: Fri, 22 Jan 2016 09:28:11 -0300
Message-Id: <1453465691-24718-1-git-send-email-gustavo@zacarias.com.ar>
X-Mailer: git-send-email 2.4.10
X-Virus-Scanned: clamav-milter 0.98.7 at www
X-Virus-Status: Clean
Subject: [Buildroot] [PATCH] bind: security bump to version 9.10.3-P3
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Fixes:

CVE-2015-8704 - apl_42.c in ISC BIND 9.x before 9.9.8-P3 and 9.9.x and
9.10.x before 9.10.3-P3 allows remote authenticated users to cause a
denial of service (INSIST assertion failure and daemon exit) via a
malformed Address Prefix List (APL) record.

CVE-2015-8705 - buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3,
when debug logging is enabled, allows remote attackers to cause a denial
of service (REQUIRE assertion failure and daemon exit, or daemon crash)
or possibly have unspecified other impact via (1) OPT data or (2) an ECS
option.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/bind/bind.hash | 4 ++--
 package/bind/bind.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/bind/bind.hash b/package/bind/bind.hash
index ae71bd1..fea800c 100644
--- a/package/bind/bind.hash
+++ b/package/bind/bind.hash
@@ -1,2 +1,2 @@
-# Verified from ftp://ftp.isc.org/isc/bind9/9.10.3-P2/bind-9.10.3-P2.tar.gz.sha256.asc
-sha256	4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd	bind-9.10.3-P2.tar.gz
+# Verified from ftp://ftp.isc.org/isc/bind9/9.10.3-P3/bind-9.10.3-P3.tar.gz.sha256.asc
+sha256	690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83	bind-9.10.3-P3.tar.gz
diff --git a/package/bind/bind.mk b/package/bind/bind.mk
index f74774b..a5b571a 100644
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.10.3-P2
+BIND_VERSION = 9.10.3-P3
 BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 BIND_INSTALL_STAGING = YES
 BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh