svn commit: r253692 - head/contrib/bind9/lib/dns/rdata/generic releng/8.4 releng/8.4/contrib/bind9/lib/dns/rdata/generic releng/8.4/sys/conf
Xin LI
delphij at FreeBSD.org
Fri Jul 26 22:40:18 UTC 2013
Author: delphij
Date: Fri Jul 26 22:40:17 2013
New Revision: 253692
URL: http://svnweb.freebsd.org/changeset/base/253692
Log:
Fix Denial of Service vulnerability in named(8). [13:07]
Security: CVE-2013-4854
Security: FreeBSD-SA-13:07.bind
Approved by: so
Modified:
head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
Changes in other areas also in this revision:
Modified:
releng/8.4/UPDATING
releng/8.4/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
releng/8.4/sys/conf/newvers.sh
Modified: head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c
==============================================================================
--- head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:04:11 2013 (r253691)
+++ head/contrib/bind9/lib/dns/rdata/generic/keydata_65533.c Fri Jul 26 22:40:17 2013 (r253692)
@@ -176,7 +176,7 @@ fromwire_keydata(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
- if (sr.length < 4)
+ if (sr.length < 16)
return (ISC_R_UNEXPECTEDEND);
isc_buffer_forward(source, sr.length);
More information about the svn-src-all
mailing list