svn commit: r248788 - in head: contrib/bind9 lib/bind lib/bind/dns lib/bind/dns/dns
Erwin Lansing
erwin at FreeBSD.org
Wed Mar 27 10:11:46 UTC 2013
Author: erwin
Date: Wed Mar 27 10:11:43 2013
New Revision: 248788
URL: http://svnweb.freebsd.org/changeset/base/248788
Log:
Update to 9.8.4-P2
Removed the check for regex.h in configure in order
to disable regex syntax checking, as it exposes
BIND to a critical flaw in libregex on some
platforms. [RT #32688]
Security: CVE-2013-2266
Approved by: delphij (mentor)
Sponsored by: DK Hostmaster A/S
Modified:
head/contrib/bind9/CHANGES
head/contrib/bind9/config.h.in
head/contrib/bind9/configure.in
head/contrib/bind9/version
head/lib/bind/config.h
head/lib/bind/dns/code.h
head/lib/bind/dns/dns/enumclass.h
head/lib/bind/dns/dns/enumtype.h
head/lib/bind/dns/dns/rdatastruct.h
Directory Properties:
head/contrib/bind9/ (props changed)
Modified: head/contrib/bind9/CHANGES
==============================================================================
--- head/contrib/bind9/CHANGES Wed Mar 27 07:58:29 2013 (r248787)
+++ head/contrib/bind9/CHANGES Wed Mar 27 10:11:43 2013 (r248788)
@@ -1,3 +1,10 @@
+ --- 9.8.4-P2 released ---
+
+3516. [security] Removed the check for regex.h in configure in order
+ to disable regex syntax checking, as it exposes
+ BIND to a critical flaw in libregex on some
+ platforms. [RT #32688]
+
--- 9.8.4-P1 released ---
3407. [security] Named could die on specific queries with dns64 enabled.
Modified: head/contrib/bind9/config.h.in
==============================================================================
--- head/contrib/bind9/config.h.in Wed Mar 27 07:58:29 2013 (r248787)
+++ head/contrib/bind9/config.h.in Wed Mar 27 10:11:43 2013 (r248788)
@@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int
/* Define if your OpenSSL version supports GOST. */
#undef HAVE_OPENSSL_GOST
-/* Define to 1 if you have the <regex.h> header file. */
-#undef HAVE_REGEX_H
-
/* Define to 1 if you have the `setegid' function. */
#undef HAVE_SETEGID
Modified: head/contrib/bind9/configure.in
==============================================================================
--- head/contrib/bind9/configure.in Wed Mar 27 07:58:29 2013 (r248787)
+++ head/contrib/bind9/configure.in Wed Mar 27 10:11:43 2013 (r248788)
@@ -298,7 +298,7 @@ esac
AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
+AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
[$ac_includes_default
#ifdef HAVE_SYS_PARAM_H
# include <sys/param.h>
Modified: head/contrib/bind9/version
==============================================================================
--- head/contrib/bind9/version Wed Mar 27 07:58:29 2013 (r248787)
+++ head/contrib/bind9/version Wed Mar 27 10:11:43 2013 (r248788)
@@ -7,4 +7,4 @@ MAJORVER=9
MINORVER=8
PATCHVER=4
RELEASETYPE=-P
-RELEASEVER=1
+RELEASEVER=2
Modified: head/lib/bind/config.h
==============================================================================
--- head/lib/bind/config.h Wed Mar 27 07:58:29 2013 (r248787)
+++ head/lib/bind/config.h Wed Mar 27 10:11:43 2013 (r248788)
@@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int
/* Define if your OpenSSL version supports GOST. */
/* #undef HAVE_OPENSSL_GOST */
-/* Define to 1 if you have the <regex.h> header file. */
-#define HAVE_REGEX_H 1
-
/* Define to 1 if you have the `setegid' function. */
#define HAVE_SETEGID 1
Modified: head/lib/bind/dns/code.h
==============================================================================
--- head/lib/bind/dns/code.h Wed Mar 27 07:58:29 2013 (r248787)
+++ head/lib/bind/dns/code.h Wed Mar 27 10:11:43 2013 (r248788)
@@ -1,7 +1,7 @@
/* $FreeBSD$ */
/*
- * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
Modified: head/lib/bind/dns/dns/enumclass.h
==============================================================================
--- head/lib/bind/dns/dns/enumclass.h Wed Mar 27 07:58:29 2013 (r248787)
+++ head/lib/bind/dns/dns/enumclass.h Wed Mar 27 10:11:43 2013 (r248788)
@@ -1,7 +1,7 @@
/* $FreeBSD$ */
/*
- * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
Modified: head/lib/bind/dns/dns/enumtype.h
==============================================================================
--- head/lib/bind/dns/dns/enumtype.h Wed Mar 27 07:58:29 2013 (r248787)
+++ head/lib/bind/dns/dns/enumtype.h Wed Mar 27 10:11:43 2013 (r248788)
@@ -1,7 +1,7 @@
/* $FreeBSD$ */
/*
- * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
Modified: head/lib/bind/dns/dns/rdatastruct.h
==============================================================================
--- head/lib/bind/dns/dns/rdatastruct.h Wed Mar 27 07:58:29 2013 (r248787)
+++ head/lib/bind/dns/dns/rdatastruct.h Wed Mar 27 10:11:43 2013 (r248788)
@@ -1,7 +1,7 @@
/* $FreeBSD$ */
/*
- * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
More information about the svn-src-head
mailing list