Critical vulnerability patch need in BINDx ports
Dennis Yusupoff
denissia at mail.ru
Wed Jul 9 14:37:19 UTC 2008
Hello, Doug.
I hope, you've already seen patch for BINDx, that close critical
vulnerability.
Could you register it in your FreeBSD-port(s)?
http://www.isc.org/index.pl?/sw/bind/index.php
===
Index: inet_network.c
diff -u inet_network.c:1.5 inet_network.c:1.6
--- inet_network.c:1.5 Wed Apr 27 04:56:21 2005
+++ inet_network.c Tue Jan 15 04:02:01 2008
@@ -84,9 +84,9 @@
}
if (!digit)
return (INADDR_NONE);
+ if (pp >= parts + 4 || val > 0xffU)
+ return (INADDR_NONE);
if (*cp == '.') {
- if (pp >= parts + 4 || val > 0xffU)
- return (INADDR_NONE);
*pp++ = val, cp++;
goto again;
}
===
---
With best regards,
sysadmin of Ozerki.Net
Dennis Yusupoff
More information about the freebsd-ports
mailing list