Author: delphij
Date: Fri Jul 26 22:40:17 2013
New Revision: 253692
URL: http://svnweb.freebsd.org/changeset/base/253692
Log:
Fix Denial of Service vulnerability in named(8). [13:07]
Security: CVE-2013-4854
Security: FreeBSD-SA-13:07.bind
Approved by: so
Modified:
head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
Changes in other areas also in this revision:
Modified:
releng/8.4/UPDATING
releng/8.4/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
releng/8.4/sys/conf/newvers.sh
Modified: head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
==============================================================================
--- head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26
22:04:11 2013 (r253691)
+++ head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26
22:40:17 2013 (r253692)
@@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
- if (sr.length < 4)
+ if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
