From patchwork Wed Jan 17 07:42:43 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Korsgaard <peter@korsgaard.com>
X-Patchwork-Id: 862069
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.138; helo=whitealder.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="QuyTMRVe"; dkim-atps=neutral
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3zLzb74QJSz9sNV
	for <incoming@patchwork.ozlabs.org>;
	Wed, 17 Jan 2018 18:42:59 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id C522488ECC;
	Wed, 17 Jan 2018 07:42:55 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 4NymakUYRQCC; Wed, 17 Jan 2018 07:42:54 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by whitealder.osuosl.org (Postfix) with ESMTP id 601E588E81;
	Wed, 17 Jan 2018 07:42:54 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id B586A1C2646
	for <buildroot@lists.busybox.net>;
	Wed, 17 Jan 2018 07:42:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id B194C88E6F
	for <buildroot@lists.busybox.net>;
	Wed, 17 Jan 2018 07:42:52 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 5Oi7yWtPbV+V for <buildroot@lists.busybox.net>;
	Wed, 17 Jan 2018 07:42:51 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com
	[74.125.82.65])
	by whitealder.osuosl.org (Postfix) with ESMTPS id 9661A88E61
	for <buildroot@buildroot.org>; Wed, 17 Jan 2018 07:42:51 +0000 (UTC)
Received: by mail-wm0-f65.google.com with SMTP id b141so13227792wme.1
	for <buildroot@buildroot.org>; Tue, 16 Jan 2018 23:42:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id;
	bh=K3LsTYWYdDatmbFVrHi/FcrIYARE81Wa9URkkxM9TzQ=;
	b=QuyTMRVeAKiSEUkBrCnzwOkMHnTao0ejhvzcV3TIUpsEw0LPO/a70qXdcj4xFaqiSF
	puJNtKQyOGF7fnH4zJKjdUPQdGPRXqvKqGRcI6GOoPNQyIXK/G+Vt7sGDm4zKUbWwG1i
	1VnqnajThnPSTfYticqThEvJcKGwB8g13PiKBVGrPoztHvMiNyhuKy51PERcxMUl3ocd
	yr9Gj+HcAyHx7I4743DaOzNbBDy0Fm98TfG0dUjeT66ONMG3or9Bh/li5svJ7Bg5hooC
	KYFcjztX4fbDxhpy+VVk5mds9DeeAZgTGbP4hJTALvBCzuPHeHgDVEL64FgzMkz64g41
	BXhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id;
	bh=K3LsTYWYdDatmbFVrHi/FcrIYARE81Wa9URkkxM9TzQ=;
	b=R0jztRzhTV2R+jJiCuMOcfaV0u7fqZi4NZ+LMcn2ffHAlyfziUziUec0BMpYbqyRNc
	ldNkKhyf5iG9z5P6Ya7rj7Mmvr+XCXHL8JgKP2pQcJzTArBPYKNe1aOaVOW/WpxcBaQ5
	aVVfg9LRgVvQ/jnBipC6ysLyeyRXMi7qDQJMA9VuyQ+nbw2c8YriUDPJN9SeQpOWAnHq
	SX/l+dLRdipecRmNxFhfZoSGhFo3V6nTyPcuOMcIqn8JgKJu+gmkiuxhw8WhLReoacoV
	TD30pn9lFP1LWzlxfy+kmZSOTpfYa7VEzJ4UVehUi0mDe/ZwJCBvBXaLoloe5r77e9zc
	4xHw==
X-Gm-Message-State: AKwxyteD34BCNIjdnTbbq64VB9ONdfS886ztkDbBhcZnr1Hmsqw0ORRG
	/FphOmit6+VM3TNrW/9bAjXx782T
X-Google-Smtp-Source: 
 ACJfBot7t4TPCx1RsF4XNN9JsuCJ1Ua8/Zdqa0LqTafkdcvGX2G0CT3jnxjEOy72sWvOkcQGmMtzrw==
X-Received: by 10.80.179.146 with SMTP id s18mr1642844edd.190.1516174969516;
	Tue, 16 Jan 2018 23:42:49 -0800 (PST)
Received: from dell.be.48ers.dk
	(ptr-bvxwyj727vs9q9ai4a6.18120a2.ip6.access.telenet.be.
	[2a02:1811:8c2c:ff00:1adb:f2ff:fe1c:d42e])
	by smtp.gmail.com with ESMTPSA id
	j39sm2416981ede.38.2018.01.16.23.42.48
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Tue, 16 Jan 2018 23:42:48 -0800 (PST)
Received: from peko by dell.be.48ers.dk with local (Exim 4.89)
	(envelope-from <peko@dell.be.48ers.dk>)
	id 1ebiMx-0008AO-NM; Wed, 17 Jan 2018 08:42:47 +0100
From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@buildroot.org
Date: Wed, 17 Jan 2018 08:42:43 +0100
Message-Id: <20180117074243.31352-1-peter@korsgaard.com>
X-Mailer: git-send-email 2.11.0
Subject: [Buildroot] [PATCH] bind: security bump to version 9.11.2-P1
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.24
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Fixes the following security issue:

CVE-2017-3145: Improper sequencing during cleanup can lead to a
use-after-free error, triggering an assertion failure and crash in
named.

For more details, see the advisory:
https://lists.isc.org/pipermail/bind-announce/2018-January/001072.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/bind/bind.hash | 4 ++--
 package/bind/bind.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/bind/bind.hash b/package/bind/bind.hash
index 95362309e1..199db704fe 100644
--- a/package/bind/bind.hash
+++ b/package/bind/bind.hash
@@ -1,3 +1,3 @@
-# Verified from http://ftp.isc.org/isc/bind9/9.11.2/bind-9.11.2.tar.gz.sha256.asc
-sha256 7f46ad8620f7c3b0ac375d7a5211b15677708fda84ce25d7aeb7222fe2e3c77a bind-9.11.2.tar.gz
+# Verified from http://ftp.isc.org/isc/bind9/9.11.2-P1/bind-9.11.2-P1.tar.gz.sha256.asc
+sha256 cec31548832fca3f85d95178d4019b7d702039e8595d4c93914feba337df1212 bind-9.11.2-P1.tar.gz
 sha256 d3906dfe153e2c48440d3ca1d5319f5e89b4b820cdfc5d0779c23d7ac2b175e9 COPYRIGHT
diff --git a/package/bind/bind.mk b/package/bind/bind.mk
index f6aa7253ed..bec902079c 100644
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.2
+BIND_VERSION = 9.11.2-P1
 BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)