authorAriadne Conill <ariadne@dereferenced.org>2021-04-29 04:25:03 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-04-29 04:25:22 -0600
commitabbb1276cee4a53b393caff5e514360ddf2bc351 (patch)
treed7b7dc9e90248d73eb62f01065a8f236968e7b99
parenteaaea5da53c549497c0b164944ff5ba5c605cdca (diff)
main/bind: security upgrade to 9.16.15 (CVE-2021-25214, CVE-2021-25215, CVE-2021-25216)
-rw-r--r--main/bind/APKBUILD23
-rw-r--r--main/bind/CVE-2020-8625.patch45
2 files changed, 16 insertions, 52 deletions
diff --git a/main/bind/APKBUILD b/main/bind/APKBUILD
index 2ab5fcb3fd..e360ae30c3 100644
--- a/main/bind/APKBUILD
+++ b/main/bind/APKBUILD
@@ -5,7 +5,7 @@
# Contributor: ungleich <alpinelinux@ungleich.ch>
# Maintainer:
pkgname=bind
-pkgver=9.16.11
+pkgver=9.16.15
_ver=${pkgver%_p*}
_p=${pkgver#*_p}
_major=${pkgver%%.*}
@@ -49,7 +49,6 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
"
source="
https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz
- CVE-2020-8625.patch
bind.plugindir.patch
bind.so_bsdcompat.patch
named.initd
@@ -61,6 +60,10 @@ source="
"
# secfixes:
+# 9.16.15-r0:
+# - CVE-2021-25214
+# - CVE-2021-25215
+# - CVE-2021-25216
# 9.16.11-r2:
# - CVE-2020-8625
# 9.16.6-r0:
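Review bot: The new secfixes entry records the fix as `9.16.15-r0`, but no hunk in this diff resets `pkgrel`, and the previous entry `9.16.11-r2` suggests it was at least 2 before this upgrade. If `pkgrel` (which lies outside the visible hunks) is still non-zero, the package built from this commit will not be the -r0 named here. Setting `pkgrel=0` alongside the `pkgver` bump would make the secfixes entry match a release that actually exists.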
@@ -244,21 +247,27 @@ root_keys() {
ln -s "../../$_dir/$_file" "$_link"
}
-# TODO: remove when abuild is sufficiently upgraded
+# The default_libs() in abuild uses the wrong pattern.
libs() {
depends="$depends_libs"
- default_libs
+ pkgdesc="$pkgdesc (libraries)"
+ local dir= file=
+ for dir in lib usr/lib; do
+ for file in "$pkgdir"/$dir/lib*.so; do
+ [ -f "$file" ] || continue
+ mkdir -p "$subpkgdir"/$dir
+ mv "$file" "$subpkgdir"/$dir/
+ done
+ done
}
-
_gpg_signature_extensions="sha512.asc"
_gpgfingerprints="
good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38
BE0E 9748 B718 253A 28BB 89FF F1B1 1BF0 5CF0 2E57
"
-sha512sums="5ed632df7c74f5e6693db9b378450ea3073b8002e9924df1d0465f8b8edb933df3a853d3965a290a0477a67ca2bfa79f679d7e344db08a65462860c58d04dc1b bind-9.16.11.tar.xz
-ca726f08e0ad939dd78fae9a6e30c0f2dfab0ce9a4ec0da79570820fe05481c705d51791952ad258fde3446f5f11217459aa2e09f025c5cd264c3c0fed4f2a7f CVE-2020-8625.patch
+sha512sums="30dad6e2144b3ac53ef0a2d1ed3c8342120f148fc0eb6409113a6d5ed3444eecb917915fdf39c26fd223396fc1e873410a50da305f0b870864f7fbbdccec8033 bind-9.16.15.tar.xz
2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6 bind.plugindir.patch
7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6 bind.so_bsdcompat.patch
53db80f7ee4902f42fb1d0bc959242bcb6f20d95256bda99ce2c206af8b4703c7f72bb26d026c633f70451b84a37c3946b210951e34dd5d6620b181cd0183de4 named.initd
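Review bot: The comment above `libs()` says default_libs() "uses the wrong pattern" without naming the pattern or explaining why the `lib*.so` glob is right for this package, and it drops the old TODO's hint about when the override can be removed. A comment along the lines of `# BIND's shared libraries end in .so with no numeric suffix, which default_libs() does not match; drop this override once abuild handles that.` would keep that context, though the exact abuild pattern should be confirmed before committing the wording. Separately, `[ -f "$file" ] || continue` skips silently when the glob matches nothing, so an upstream change in library naming would apparently leave the -libs subpackage empty rather than fail the build. A check after the loops that at least one file was moved would surface that.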
diff --git a/main/bind/CVE-2020-8625.patch b/main/bind/CVE-2020-8625.patch
deleted file mode 100644
index 143b6b3841..0000000000
--- a/main/bind/CVE-2020-8625.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From b04cb88462863d762093760ffcfe1946200e30f5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
-Date: Thu, 7 Jan 2021 10:44:46 +0100
-Subject: [PATCH] Fix off-by-one bug in ISC SPNEGO implementation
-
-The ISC SPNEGO implementation is based on mod_auth_kerb code. When
-CVE-2006-5989 was disclosed, the relevant fix was not applied to the
-BIND 9 codebase, making the latter vulnerable to the aforementioned flaw
-when "tkey-gssapi-keytab" or "tkey-gssapi-credential" is set in
-named.conf.
-
-The original description of CVE-2006-5989 was:
-
- Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0
- allows remote attackers to cause a denial of service (crash) via a
- crafted Kerberos message that triggers a heap-based buffer overflow
- in the component array.
-
-Later research revealed that this flaw also theoretically enables remote
-code execution, though achieving the latter in real-world conditions is
-currently deemed very difficult.
-
-This vulnerability was responsibly reported as ZDI-CAN-12302 ("ISC BIND
-TKEY Query Heap-based Buffer Overflow Remote Code Execution
-Vulnerability") by Trend Micro Zero Day Initiative.
----
- lib/dns/spnego.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
-index e61d1c600f..753dc8049f 100644
---- a/lib/dns/spnego.c
-+++ b/lib/dns/spnego.c
-@@ -848,7 +848,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
- return (ASN1_OVERRUN);
- }
-
-- data->components = malloc(len * sizeof(*data->components));
-+ data->components = malloc((len + 1) * sizeof(*data->components));
- if (data->components == NULL) {
- return (ENOMEM);
- }
---
-GitLab
-