squeeze update of bind9?
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of bind9:
https://security-tracker.debian.org/tracker/CVE-2015-4620
I have already prepared a patched package, available for review and test
at the repository:
deb https://people.debian.org/~santiago/debian santiago-squeeze-lts/
Please, tell me if you want to upload it by yourself, following the
workflow we have defined here:
http://wiki.debian.org/LTS/Development
Otherwise, I will upload it in the following couple of days.
Santiago Ruano Rincón,
on behalf of the Debian LTS team.
diff -u bind9-9.7.3.dfsg/lib/dns/validator.c bind9-9.7.3.dfsg/lib/dns/validator.c
--- bind9-9.7.3.dfsg/lib/dns/validator.c
+++ bind9-9.7.3.dfsg/lib/dns/validator.c
@@ -1775,7 +1775,6 @@
*/
static isc_boolean_t
isselfsigned(dns_validator_t *val) {
- dns_fixedname_t fixed;
dns_rdataset_t *rdataset, *sigrdataset;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t sigrdata = DNS_RDATA_INIT;
@@ -1825,8 +1824,7 @@
continue;
result = dns_dnssec_verify2(name, rdataset, dstkey,
- ISC_TRUE, mctx, &sigrdata,
- dns_fixedname_name(&fixed));
+ ISC_TRUE, mctx, &sigrdata, NULL);
dst_key_free(&dstkey);
if (result != ISC_R_SUCCESS)
continue;
diff -u bind9-9.7.3.dfsg/debian/changelog bind9-9.7.3.dfsg/debian/changelog
--- bind9-9.7.3.dfsg/debian/changelog
+++ bind9-9.7.3.dfsg/debian/changelog
@@ -1,3 +1,12 @@
+bind9 (1:9.7.3.dfsg-1~squeeze15~1) santiago-squeeze-lts; urgency=medium
+
+ * Non-maintainer upload by the Squeeze LTS Team.
+ * CVE-2015-1349: avoid crash due to managed-key rollover.
+Revoking a managed trust anchor and supplying an untrusted replacement
+could cause named to crash with an assertion failure.
+
+ -- Santiago Ruano Rincón Sat, 11 Jul 2015 09:28:06 +0200
+
bind9 (1:9.7.3.dfsg-1~squeeze14) squeeze-lts; urgency=high
* Non-maintainer upload by the Squeeze LTS Team.
only in patch2:
unchanged:
--- bind9-9.7.3.dfsg.orig/debian/patches-applied/CVE-2015-4620.patch
+++ bind9-9.7.3.dfsg/debian/patches-applied/CVE-2015-4620.patch
@@ -0,0 +1,27 @@
+Description: A uninitialized value in validator.c could result in a assertion failure (CVE-2015-4620).
+Origin: upstream, https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=a85c6b35affa7179434c41b277109dca2cbe01ec
+
+---
+
+diff --git a/lib/dns/validator.c b/lib/dns/validator.c
+index 9e8a057..cd97781 100644
+--- a/lib/dns/validator.c
b/lib/dns/validator.c
+@@ -1775,7 +1775,6 @@ compute_keytag(dns_rdata_t *rdata, dns_rdata_dnskey_t *key) {
+ */
+ static isc_boolean_t
+ isselfsigned(dns_validator_t *val) {
+- dns_fixedname_t fixed;
+ dns_rdataset_t *rdataset, *sigrdataset;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdata_t sigrdata = DNS_RDATA_INIT;
+@@ -1825,8 +1824,7 @@ isselfsigned(dns_validator_t *val) {
+ continue;
+
+ result = dns_dnssec_verify2(name, rdataset, dstkey,
+- ISC_TRUE, mctx, &sigrdata,
+- dns_fixedname_name(&fixed));
++ ISC_TRUE, mctx, &sigrdata, NULL);
+ dst_key_free(&dstkey);
+ if (result != ISC_R_SUCCESS)
+ continue;
only in patch2:
unchanged:
--- bind9-9.7.3.dfsg.orig/debian/patches-applied/README
+++ bind9-9.7.3.dfsg/debian/patches-applied/README
@@ -0,0 +1,4 @@
+The patches included in this directory are not applied during build
+time. They have been applied directly to the source code since bind9
+1:9.7.3.dfsg-1~squeeze15 revision, and they are here for documentation
+purposes.
signature.asc
Description: Digital signature
Re: squeeze update of bind9?
On Sat, Jul 11, 2015 at 7:22 AM, Santiago Ruano Rincón wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of bind9: > https://security-tracker.debian.org/tracker/CVE-2015-4620 >From my perspective, please just go ahead with all bind LTS updates without permission/delay. Same goes for any of my other packages. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP=BnHCQs=vosafys2vrgjxdsee7hqty0219ovkuad...@mail.gmail.com
squeeze update of tidy?
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of tidy:
https://security-tracker.debian.org/tracker/TEMP-000-616DBB
I have already prepared a patched package, available for review and test
at the repository:
deb https://people.debian.org/~santiago/debian santiago-squeeze-lts/
Please, tell me if you want to upload it by yourself, following the
workflow we have defined here:
http://wiki.debian.org/LTS/Development
Otherwise, I will upload it in the following days.
Santiago Ruano Rincón,
on behalf of the Debian LTS team.
P.S. The same patch can be applied to the tidy versions available in
debian, including stable.
diff -u tidy-20091223cvs/debian/changelog tidy-20091223cvs/debian/changelog
--- tidy-20091223cvs/debian/changelog
+++ tidy-20091223cvs/debian/changelog
@@ -1,3 +1,11 @@
+tidy (20091223cvs-1+deb6u1~1) santiago-squeeze-lts; urgency=medium
+
+ * Non-maintainer upload.
+ * Add 20-prevent-heap-buffer-overflow.patch: Fix heap-buffer-overflow when
+processing malformed html files.
+
+ -- Santiago Ruano Rincón Sun, 05 Jul 2015 14:24:52 +0200
+
tidy (20091223cvs-1) unstable; urgency=low
* New cvs snapshot
only in patch2:
unchanged:
--- tidy-20091223cvs.orig/debian/patches/20-prevent-heap-buffer-overflow.patch
+++ tidy-20091223cvs/debian/patches/20-prevent-heap-buffer-overflow.patch
@@ -0,0 +1,30 @@
+Desription: Prevents heap-buffer-overflow when processing malformed html files.
+Origin: upstream, https://github.com/htacg/tidy-html5/issues/217
+
+---
+
+diff --git a/src/lexer.c b/src/lexer.c
+index 3ae2897..801fb8c 100644
+--- a/src/lexer.c
b/src/lexer.c
+@@ -3467,16 +3467,17 @@ static tmbstr ParseValue( TidyDocImpl* doc, ctmbstr name,
+ /* and prompts attributes unless --literal-attributes is set to yes */
+ /* #994841 - Whitespace is removed from value attributes */
+
+-if (munge &&
++/* Issue #217 - Also only if/while (len > 0) - MUST NEVER GO NEGATIVE! */
++if ((len > 0) && munge &&
+ TY_(tmbstrcasecmp)(name, "alt") &&
+ TY_(tmbstrcasecmp)(name, "title") &&
+ TY_(tmbstrcasecmp)(name, "value") &&
+ TY_(tmbstrcasecmp)(name, "prompt"))
+ {
+-while (TY_(IsWhite)(lexer->lexbuf[start+len-1]))
++while (TY_(IsWhite)(lexer->lexbuf[start+len-1]) && (len > 0))
+ --len;
+
+-while (TY_(IsWhite)(lexer->lexbuf[start]) && start < len)
++while (TY_(IsWhite)(lexer->lexbuf[start]) && (start < len) && (len > 0))
+ {
+ ++start;
+ --len;
signature.asc
Description: Digital signature
Re: squeeze update of bind9?
El 11/07/15 a las 10:36, Michael Gilbert escribió: > On Sat, Jul 11, 2015 at 7:22 AM, Santiago Ruano Rincón wrote: > > Hello dear maintainer(s), > > > > the Debian LTS team would like to fix the security issues which are > > currently open in the Squeeze version of bind9: > > https://security-tracker.debian.org/tracker/CVE-2015-4620 > > >From my perspective, please just go ahead with all bind LTS updates > without permission/delay. Same goes for any of my other packages. > Ok, I've corrected the duplicated changelog entry and I'm preparing the upload. Kind regards, Santiago signature.asc Description: Digital signature
