Import 9.10.3-P4:

4322. [security] Duplicate EDNS COOKIE options in a response could trigger an assertion failure. (CVE-2016-2088) [RT #41809] 4319. [security] Fix resolver assertion failure due to improper DNAME handling when parsing fetch reply messages. (CVE-2016-1286) [RT #41753] 4318. [security] Malformed control messages can trigger assertions in named and rndc. (CVE-2016-1285) [RT #41666]
2016-03-10 03:22:13 +00:00 · 2016-03-10 03:22:13 +00:00 · f89b1f3091
commit f89b1f3091
parent 9d3fab3e74
14 changed files with 97 additions and 57 deletions
--- a/external/bsd/bind/dist/COPYRIGHT
+++ b/external/bsd/bind/dist/COPYRIGHT
@ -1,4 +1,4 @@
-Copyright (C) 2004-2015  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 2004-2016  Internet Systems Consortium, Inc. ("ISC")
 Copyright (C) 1996-2003  Internet Software Consortium.

 Permission to use, copy, modify, and/or distribute this software for any
--- a/external/bsd/bind/dist/bin/named/bind9.xsl
+++ b/external/bsd/bind/dist/bin/named/bind9.xsl
@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
- - Copyright (C) 2006-2009, 2012-2014  Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2006-2009, 2012-2014, 2016  Internet Systems Consortium, Inc. ("ISC")
 -
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html
@ -556,6 +556,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html
@ -154,6 +154,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html
@ -671,6 +671,6 @@ controls {
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html
@ -139,6 +139,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html
@ -163,6 +163,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html
@ -514,6 +514,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html
@ -47,13 +47,13 @@
 <dl>
 <dt><span class="sect1"><a href="Bv9ARM.ch12.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614332">Prerequisite</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613591">Compilation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613616">Installation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613646">Known Defects/Restrictions</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613723">The dns.conf File</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613750">Sample Applications</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614723">Library References</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613604">Prerequisite</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613613">Compilation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613638">Installation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613669">Known Defects/Restrictions</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613746">The dns.conf File</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2613772">Sample Applications</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614677">Library References</a></span></dt>
 </dl></dd>
 </dl>
 </div>
@ -89,7 +89,7 @@
 </ul></div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2614332"></a>Prerequisite</h3></div></div></div>
+<a name="id2613604"></a>Prerequisite</h3></div></div></div>
 <p>GNU make is required to build the export libraries (other
  part of BIND 9 can still be built with other types of make). In
  the reminder of this document, "make" means GNU make. Note that
@ -98,7 +98,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2613591"></a>Compilation</h3></div></div></div>
+<a name="id2613613"></a>Compilation</h3></div></div></div>
 <pre class="screen">
 $ <strong class="userinput"><code>./configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
 $ <strong class="userinput"><code>make</code></strong>
@ -113,7 +113,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2613616"></a>Installation</h3></div></div></div>
+<a name="id2613638"></a>Installation</h3></div></div></div>
 <pre class="screen">
 $ <strong class="userinput"><code>cd lib/export</code></strong>
 $ <strong class="userinput"><code>make install</code></strong>
@ -135,7 +135,7 @@ $ <strong class="userinput"><code>make install</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2613646"></a>Known Defects/Restrictions</h3></div></div></div>
+<a name="id2613669"></a>Known Defects/Restrictions</h3></div></div></div>
 <div class="itemizedlist"><ul type="disc">
 <li><p>Currently, win32 is not supported for the export
      library. (Normal BIND 9 application can be built as
@ -175,7 +175,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2613723"></a>The dns.conf File</h3></div></div></div>
+<a name="id2613746"></a>The dns.conf File</h3></div></div></div>
 <p>The IRS library supports an "advanced" configuration file
  related to the DNS library for configuration parameters that
  would be beyond the capability of the
@ -193,14 +193,14 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2613750"></a>Sample Applications</h3></div></div></div>
+<a name="id2613772"></a>Sample Applications</h3></div></div></div>
 <p>Some sample application programs using this API are
  provided for reference. The following is a brief description of
  these applications.
  </p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2613758"></a>sample: a simple stub resolver utility</h4></div></div></div>
+<a name="id2613781"></a>sample: a simple stub resolver utility</h4></div></div></div>
 <p>
  It sends a query of a given name (of a given optional RR type) to a
  specified recursive server, and prints the result as a list of
@ -264,7 +264,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2613917"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
+<a name="id2614213"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
 <p>
  Similar to "sample", but accepts a list
  of (query) domain names as a separate file and resolves the names
@ -305,7 +305,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2613971"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
+<a name="id2614266"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
 <p>
  It sends a query to a specified server, and
  prints the response with minimal processing. It doesn't act as a
@ -346,7 +346,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2614035"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
+<a name="id2614330"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
 <p>
  This is a test program
  to check getaddrinfo() and getnameinfo() behavior. It takes a
@ -363,7 +363,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2614050"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
+<a name="id2614345"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
 <p>
  It accepts a single update command as a
  command-line argument, sends an update request message to the
@ -458,7 +458,7 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2614659"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
+<a name="id2614613"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
 <p>
  It checks a set
  of domains to see the name servers of the domains behave
@ -515,7 +515,7 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2614723"></a>Library References</h3></div></div></div>
+<a name="id2614677"></a>Library References</h3></div></div></div>
 <p>As of this writing, there is no formal "manual" of the
  libraries, except this document, header files (some of them
  provide pretty detailed explanations), and sample application
@ -540,6 +540,6 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html
@ -149,6 +149,6 @@
 </tr>
 </table>
 </div>
-<p style="text-align: center;">BIND 9.10.3-P3</p>
+<p style="text-align: center;">BIND 9.10.3-P4</p>
 </body>
 </html>
--- a/external/bsd/bind/dist/doc/arm/notes.html
+++ b/external/bsd/bind/dist/doc/arm/notes.html
@ -21,13 +21,17 @@
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article" lang="en"><div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2542126"></a>Release Notes for BIND Version 9.10.3-P3</h2></div></div></div>
+<a name="id2542126"></a>Release Notes for BIND Version 9.10.3-P4</h2></div></div></div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_intro"></a>Introduction</h3></div></div></div>
 <p>
      This document summarizes changes since BIND 9.10.3:
    </p>
+<p>
+      BIND 9.10.3-P4 addresses the security issues described in
+      CVE-2016-1285, CVE-2016-1286 and CVE-2016-2088.
+    </p>
 <p>
      BIND 9.10.3-P3 addresses the security issues described in
      CVE-2015-8704 and CVE-2015-8705. It also fixes a serious
@ -58,21 +62,39 @@
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
 <div class="itemizedlist"><ul type="disc">
 <li><p>
-	  Specific APL data could trigger an INSIST.  This flaw
-	  was discovered by Brian Mitchell and is disclosed in
-	  CVE-2015-8704. [RT #41396]
+	  Duplicate EDNS COOKIE options in a response could trigger
+	  an assertion failure. This flaw is disclosed in CVE-2016-2088.
+	  [RT #41809]
+	</p></li>
+<li><p>
+	  The resolver could abort with an assertion failure due to
+	  improper DNAME handling when parsing fetch reply
+	  messages. This flaw is disclosed in CVE-2016-1286. [RT #41753]
+	</p></li>
+<li><p>
+	  Malformed control messages can trigger assertions in named
+	  and rndc. This flaw is disclosed in CVE-2016-1285. [RT
+	  #41666]
 	</p></li>
 <li><p>
 	  Certain errors that could be encountered when printing out
 	  or logging an OPT record containing a CLIENT-SUBNET option
 	  could be mishandled, resulting in an assertion failure.
-	  This flaw was discovered by Brian Mitchell and is disclosed
-	  in CVE-2015-8705. [RT #41397]
+	  This flaw is disclosed in CVE-2015-8705. [RT #41397]
 	</p></li>
 <li><p>
-	  Named is potentially vulnerable to the OpenSSL vulnerabilty
+	  Specific APL data could trigger an INSIST.  This flaw
+	  is disclosed in CVE-2015-8704. [RT #41396]
+	</p></li>
+<li><p>
+	  Named is potentially vulnerable to the OpenSSL vulnerability
 	  described in CVE-2015-3193.
 	</p></li>
+<li><p>
+	  Incorrect reference counting could result in an INSIST
+	  failure if a socket error occurred while performing a
+	  lookup.  This flaw is disclosed in CVE-2015-8461. [RT#40945]
+	</p></li>
 <li><p>
 	  Insufficient testing when parsing a message allowed
 	  records with an incorrect class to be be accepted,
@ -80,11 +102,6 @@
 	  were subsequently cached.  This flaw is disclosed
 	  in CVE-2015-8000. [RT #40987]
 	</p></li>
-<li><p>
-	  Incorrect reference counting could result in an INSIST
-	  failure if a socket error occurred while performing a
-	  lookup.  This flaw is disclosed in CVE-2015-8461. [RT#40945]
-	</p></li>
 </ul></div>
 </div>
 <div class="sect2" lang="en">
--- a/external/bsd/bind/dist/doc/arm/notes.pdf
+++ b/external/bsd/bind/dist/doc/arm/notes.pdf
--- a/external/bsd/bind/dist/doc/arm/notes.xml
+++ b/external/bsd/bind/dist/doc/arm/notes.xml
@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
- - Copyright (C) 2014, 2015  Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2014-2016  Internet Systems Consortium, Inc. ("ISC")
 -
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
@ -22,6 +22,10 @@
    <para>
      This document summarizes changes since BIND 9.10.3:
    </para>
+    <para>
+      BIND 9.10.3-P4 addresses the security issues described in
+      CVE-2016-1285, CVE-2016-1286 and CVE-2016-2088.
+    </para>
    <para>
      BIND 9.10.3-P3 addresses the security issues described in
      CVE-2015-8704 and CVE-2015-8705. It also fixes a serious
@ -52,9 +56,23 @@
    <itemizedlist>
      <listitem>
 	<para>
-	  Specific APL data could trigger an INSIST.  This flaw
-	  was discovered by Brian Mitchell and is disclosed in
-	  CVE-2015-8704. [RT #41396]
+	  Duplicate EDNS COOKIE options in a response could trigger
+	  an assertion failure. This flaw is disclosed in CVE-2016-2088.
+	  [RT #41809]
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  The resolver could abort with an assertion failure due to
+	  improper DNAME handling when parsing fetch reply
+	  messages. This flaw is disclosed in CVE-2016-1286. [RT #41753]
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  Malformed control messages can trigger assertions in named
+	  and rndc. This flaw is disclosed in CVE-2016-1285. [RT
+	  #41666]
 	</para>
      </listitem>
      <listitem>
@ -62,16 +80,28 @@
 	  Certain errors that could be encountered when printing out
 	  or logging an OPT record containing a CLIENT-SUBNET option
 	  could be mishandled, resulting in an assertion failure.
-	  This flaw was discovered by Brian Mitchell and is disclosed
-	  in CVE-2015-8705. [RT #41397]
+	  This flaw is disclosed in CVE-2015-8705. [RT #41397]
 	</para>
      </listitem>
      <listitem>
 	<para>
-	  Named is potentially vulnerable to the OpenSSL vulnerabilty
+	  Specific APL data could trigger an INSIST.  This flaw
+	  is disclosed in CVE-2015-8704. [RT #41396]
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  Named is potentially vulnerable to the OpenSSL vulnerability
 	  described in CVE-2015-3193.
 	</para>
      </listitem>
+      <listitem>
+	<para>
+	  Incorrect reference counting could result in an INSIST
+	  failure if a socket error occurred while performing a
+	  lookup.  This flaw is disclosed in CVE-2015-8461. [RT#40945]
+	</para>
+      </listitem>
      <listitem>
 	<para>
 	  Insufficient testing when parsing a message allowed
@ -81,13 +111,6 @@
 	  in CVE-2015-8000. [RT #40987]
 	</para>
      </listitem>
-      <listitem>
-	<para>
-	  Incorrect reference counting could result in an INSIST
-	  failure if a socket error occurred while performing a
-	  lookup.  This flaw is disclosed in CVE-2015-8461. [RT#40945]
-	</para>
-      </listitem>
    </itemizedlist>
  </sect2>
  <sect2 id="relnotes_features">
--- a/external/bsd/bind/dist/lib/isccc/api
+++ b/external/bsd/bind/dist/lib/isccc/api
@ -6,5 +6,5 @@
 # 9.9-sub: 130-139
 # 9.10: 140-149
 LIBINTERFACE = 140
-LIBREVISION = 3
+LIBREVISION = 4
 LIBAGE = 0