Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/dist/bind/lib/dns
History
adrianp ee74a1421a Fixes for CVE-2006-4095 and CVE-2006-4096 from bind-9.3.2-P1 
* Assertion failure in ISC BIND SIG query processing (CVE-2006-4095)

- Recursive servers
Queries for SIG records will trigger an assertion failure if more
than one RRset is returned. However exposure can be minimized by
restricting which sources can ask for recursion.

- Authoritative servers
If a nameserver is serving a RFC 2535 DNSSEC zone and is queried
for the SIG records where there are multiple RRsets, then the
named program will trigger an assertion failure when it tries
to construct the response.

* INSIST failure in ISC BIND recursive query handling code (CVE-2006-4096)

It is possible to trigger an INSIST failure by sending enough
recursive queries such that the response to the query arrives after
all the clients waiting for the response have left the recursion
queue. However exposure can be minimized by restricting which sources
can ask for recursion.

ok'ed christos@
 		2006-09-05 19:31:47 +00:00
..
include import the real 9.3.2 not 9.2.3. 2005-12-21 23:16:49 +00:00
rdata resolve conflicts. 2005-12-22 00:26:23 +00:00
win32 import the real 9.3.2 not 9.2.3. 2005-12-21 23:16:49 +00:00
Makefile.in import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
a6.c from ftp.isc.org 2005-12-21 19:50:15 +00:00
acl.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
adb.c Coverity CID 2486: Fix uninitialized variable 2006-03-29 16:09:53 +00:00
api import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
byaddr.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
cache.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
callbacks.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
compress.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
db.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dbiterator.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dbtable.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
diff.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dispatch.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dnssec.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
ds.c
dst_api.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_internal.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_lib.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_openssl.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_parse.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_parse.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
dst_result.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
forward.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
gen-unix.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
gen-win32.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
gen.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
gssapi_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
gssapictx.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
hmac_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
journal.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
key.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
keytable.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
lib.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
log.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
lookup.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
master.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
masterdump.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
message.c Initialize rdataset. 2006-05-14 01:18:41 +00:00
name.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
ncache.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
nsec.c
nxt.c from ftp.isc.org 2005-12-21 19:50:15 +00:00
openssl_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
openssldh_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
openssldsa_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
opensslrsa_link.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
order.c
peer.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
portlist.c
rbt.c resolve conflicts. 2005-12-22 00:26:23 +00:00
rbtdb.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rbtdb.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rbtdb64.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rbtdb64.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rcode.c
rdata.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rdatalist.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rdatalist_p.h import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rdataset.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rdatasetiter.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rdataslab.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
request.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
resolver.c Fixes for CVE-2006-4095 and CVE-2006-4096 from bind-9.3.2-P1 2006-09-05 19:31:47 +00:00
result.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
rootns.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
sdb.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
soa.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
ssu.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
stats.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
tcpmsg.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
time.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
timer.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
tkey.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
tsig.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
ttl.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
validator.c resolve conflicts. 2005-12-22 00:26:23 +00:00
version.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
view.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
xfrin.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
zone.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
zonekey.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00
zt.c import the real 9.3.2 not 9.2.3. 2005-12-21 23:06:48 +00:00