ports/134700: [MAINTAINER] dns/nsd2: vulnerability fix

Olafur Osvaldsson osvaldsson at icelandic.net
Tue May 19 04:40:01 UTC 2009 

>Number:         134700
>Category:       ports
>Synopsis:       [MAINTAINER] dns/nsd2: vulnerability fix
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 19 04:40:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Olafur Osvaldsson
>Release:        FreeBSD 7.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD portbuild.icelandic.net 7.1-STABLE FreeBSD 7.1-STABLE #2: Fri Jan  9 01:33:17 GMT
>Description:
[DESCRIBE CHANGES]
- Fixing a vulnerability
- Using the update to fix my email address since I quit ISNIC a long time ago (see dns/nsd history)

We have released version 3.2.2. of NSD. This is *critical* bugfix
release. One of the bugs is a one-byte buffer overflow that allows a
carefully crafted exploit to take down your name-server. It is highly
unlikely that the one-byte-off issue can lead to other (system) exploits.

The bug affects all version of NSD 2.0.0 to 3.2.1. Whether the bug can
be exploited to depends on various aspects of the OS and is therefore
distribution and compiler dependent.

For more information:
http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html

We strongly recommend you to update your systems to the latest version.
If you have reasons for not running the latest version of NSD, we
strongly advise you to at least apply the patch that resolves the
critical bug.

Added file(s):
- files/patch-vuln

>How-To-Repeat:
>Fix:

--- nsd-2.3.7_1.patch begins here ---
diff -ruN nsd2.orig/Makefile nsd2/Makefile
--- nsd2.orig/Makefile	2009-05-19 01:29:27.000000000 +0000
+++ nsd2/Makefile	2009-05-19 01:34:49.000000000 +0000
@@ -7,11 +7,12 @@
 
 PORTNAME=	nsd
 PORTVERSION=	2.3.7
+PORTREVISION=	1
 CATEGORIES=	dns ipv6
 MASTER_SITES=	http://www.nlnetlabs.nl/downloads/nsd/	\
 		ftp://ftp.rhnet.is/pub/nsd/
 
-MAINTAINER=	oli at isnic.is
+MAINTAINER=	osvaldsson at icelandic.net
 COMMENT=	An authoritative only non-recursive name server
 
 CONFLICTS=	nsd-[3-9]*
diff -ruN nsd2.orig/files/patch-vuln nsd2/files/patch-vuln
--- nsd2.orig/files/patch-vuln	1970-01-01 00:00:00.000000000 +0000
+++ nsd2/files/patch-vuln	2009-05-18 13:02:50.000000000 +0000
@@ -0,0 +1,13 @@
+--- query.c
++++ query.c
+@@ -239,8 +239,8 @@
+ 		 * MAXDOMAINLEN ...
+ 		 */
+ 		if ((*src & 0xc0) ||
+-		    (src + *src + 1 > buffer_end(query->packet)) || 
+-		    (src + *src + 1 > query_name + MAXDOMAINLEN))
++		    (src + *src + 2 > buffer_end(query->packet)) || 
++		    (src + *src + 2 > query_name + MAXDOMAINLEN))
+ 		{
+ 			return 0;
+ 		}
--- nsd-2.3.7_1.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list