diff options
Diffstat (limited to 'source/n/bind')
-rw-r--r-- | source/n/bind/bind-9.16.11.CVE-2020-8625.diff | 12 | ||||
-rwxr-xr-x | source/n/bind/bind.SlackBuild | 6 |
2 files changed, 17 insertions, 1 deletions
diff --git a/source/n/bind/bind-9.16.11.CVE-2020-8625.diff b/source/n/bind/bind-9.16.11.CVE-2020-8625.diff new file mode 100644 index 000000000..419b5bea0 --- /dev/null +++ b/source/n/bind/bind-9.16.11.CVE-2020-8625.diff @@ -0,0 +1,12 @@ +diff -u -r --new-file bind-9.16.11.orig/lib/dns/spnego.c bind-9.16.11/lib/dns/spnego.c +--- bind-9.16.11.orig/lib/dns/spnego.c 2021-01-11 07:23:31.000000000 -0600 ++++ bind-9.16.11/lib/dns/spnego.c 2021-02-24 13:57:17.199873321 -0600 +@@ -848,7 +848,7 @@ + return (ASN1_OVERRUN); + } + +- data->components = malloc(len * sizeof(*data->components)); ++ data->components = malloc((len + 1) * sizeof(*data->components)); + if (data->components == NULL) { + return (ENOMEM); + } diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild index 1b7af8957..a77c53178 100755 --- a/source/n/bind/bind.SlackBuild +++ b/source/n/bind/bind.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=bind VERSION=${VERSION:-$(echo ${PKGNAM}-[0-9]*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -82,6 +82,10 @@ else GSSAPI=" " fi +# Fix a security vulnerability. This is fixed in 9.16.12, but we can't use +# that version due to other regressions. +zcat $CWD/bind-9.16.11.CVE-2020-8625.diff.gz | patch -p1 --verbose || exit 1 + # Configure: CFLAGS="$SLKCFLAGS" \ ./configure \ |