diff options
| author | erwin <erwin@FreeBSD.org> | 2013-03-27 10:11:43 +0000 |
|---|---|---|
| committer | erwin <erwin@FreeBSD.org> | 2013-03-27 10:11:43 +0000 |
| commit | 180e2fcdc7fba9b47d94a88df00f5e61c7e07e44 (patch) | |
| tree | e193b7a4992e135aeda2c98b8eeb17bc40eadace | |
| parent | e3a102cae666fa972c9774344b65874ff9ae9205 (diff) | |
| download | FreeBSD-src-180e2fcdc7fba9b47d94a88df00f5e61c7e07e44.zip FreeBSD-src-180e2fcdc7fba9b47d94a88df00f5e61c7e07e44.tar.gz | |
Update to 9.8.4-P2
Removed the check for regex.h in configure in order
to disable regex syntax checking, as it exposes
BIND to a critical flaw in libregex on some
platforms. [RT #32688]
Security: CVE-2013-2266
Approved by: delphij (mentor)
Sponsored by: DK Hostmaster A/S
| -rw-r--r-- | contrib/bind9/CHANGES | 7 | ||||
| -rw-r--r-- | contrib/bind9/config.h.in | 3 | ||||
| -rw-r--r-- | contrib/bind9/configure.in | 2 | ||||
| -rw-r--r-- | contrib/bind9/version | 2 | ||||
| -rw-r--r-- | lib/bind/config.h | 3 | ||||
| -rw-r--r-- | lib/bind/dns/code.h | 2 | ||||
| -rw-r--r-- | lib/bind/dns/dns/enumclass.h | 2 | ||||
| -rw-r--r-- | lib/bind/dns/dns/enumtype.h | 2 | ||||
| -rw-r--r-- | lib/bind/dns/dns/rdatastruct.h | 2 |
9 files changed, 13 insertions, 12 deletions
diff --git a/contrib/bind9/CHANGES b/contrib/bind9/CHANGES index 6d1ee31..bd064e5 100644 --- a/contrib/bind9/CHANGES +++ b/contrib/bind9/CHANGES @@ -1,3 +1,10 @@ + --- 9.8.4-P2 released --- + +3516. [security] Removed the check for regex.h in configure in order + to disable regex syntax checking, as it exposes + BIND to a critical flaw in libregex on some + platforms. [RT #32688] + --- 9.8.4-P1 released --- 3407. [security] Named could die on specific queries with dns64 enabled. diff --git a/contrib/bind9/config.h.in b/contrib/bind9/config.h.in index e2f5999..42d7a21 100644 --- a/contrib/bind9/config.h.in +++ b/contrib/bind9/config.h.in @@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int *sig); /* Define if your OpenSSL version supports GOST. */ #undef HAVE_OPENSSL_GOST -/* Define to 1 if you have the <regex.h> header file. */ -#undef HAVE_REGEX_H - /* Define to 1 if you have the `setegid' function. */ #undef HAVE_SETEGID diff --git a/contrib/bind9/configure.in b/contrib/bind9/configure.in index a0ec700..0567add 100644 --- a/contrib/bind9/configure.in +++ b/contrib/bind9/configure.in @@ -298,7 +298,7 @@ esac AC_HEADER_STDC -AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, +AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, [$ac_includes_default #ifdef HAVE_SYS_PARAM_H # include <sys/param.h> diff --git a/contrib/bind9/version b/contrib/bind9/version index 1090bee..da686fa 100644 --- a/contrib/bind9/version +++ b/contrib/bind9/version @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=8 PATCHVER=4 RELEASETYPE=-P -RELEASEVER=1 +RELEASEVER=2 diff --git a/lib/bind/config.h b/lib/bind/config.h index 5e9d74b..bf6f8ce 100644 --- a/lib/bind/config.h +++ b/lib/bind/config.h @@ -286,9 +286,6 @@ int sigwait(const unsigned int *set, int *sig); /* Define if your OpenSSL version supports GOST. */ /* #undef HAVE_OPENSSL_GOST */ -/* Define to 1 if you have the <regex.h> header file. */ -#define HAVE_REGEX_H 1 - /* Define to 1 if you have the `setegid' function. */ #define HAVE_SETEGID 1 diff --git a/lib/bind/dns/code.h b/lib/bind/dns/code.h index a451eeb..99944ad 100644 --- a/lib/bind/dns/code.h +++ b/lib/bind/dns/code.h @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any diff --git a/lib/bind/dns/dns/enumclass.h b/lib/bind/dns/dns/enumclass.h index 7ee27fe..f9249ec 100644 --- a/lib/bind/dns/dns/enumclass.h +++ b/lib/bind/dns/dns/enumclass.h @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any diff --git a/lib/bind/dns/dns/enumtype.h b/lib/bind/dns/dns/enumtype.h index 4c9a2f9..5ab36d1 100644 --- a/lib/bind/dns/dns/enumtype.h +++ b/lib/bind/dns/dns/enumtype.h @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any diff --git a/lib/bind/dns/dns/rdatastruct.h b/lib/bind/dns/dns/rdatastruct.h index 9504fa8..10cba31 100644 --- a/lib/bind/dns/dns/rdatastruct.h +++ b/lib/bind/dns/dns/rdatastruct.h @@ -1,7 +1,7 @@ /* $FreeBSD$ */ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any |
