diff options
| author | Doug Barton <dougb@FreeBSD.org> | 2010-12-04 05:58:56 +0000 |
|---|---|---|
| committer | Doug Barton <dougb@FreeBSD.org> | 2010-12-04 05:58:56 +0000 |
| commit | c3c441cd465bac8445ac300e23175c4241a23231 (patch) | |
| tree | f01f0fcdfd363df827bfbc878514d9fc94ccdca9 /contrib/bind9/bin/named/client.c | |
| parent | bef5da7f9807b61ba1878f9308ec51e7b52bf719 (diff) | |
| parent | f805c4c11684ad447d955512cb705ebc2aba9ef3 (diff) | |
Update to version 9.6-ESV-R3, the latest from ISC, which addresses
the following security vulnerabilities.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
1. Cache incorrectly allows ncache and rrsig for the same type
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
Affects resolver operators whose servers are open to potential
attackers. Triggering the bug will cause the server to crash.
This bug applies even if you do not have DNSSEC enabled.
2. Key algorithm rollover
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
Affects resolver operators who are validating with DNSSEC, and
querying zones which are in a key rollover period. The bug will
cause answers to incorrectly be marked as insecure.
Notes
Notes:
svn path=/head/; revision=216175
Diffstat (limited to 'contrib/bind9/bin/named/client.c')
| -rw-r--r-- | contrib/bind9/bin/named/client.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/contrib/bind9/bin/named/client.c b/contrib/bind9/bin/named/client.c index ae5386cb4893..a0e034ae2d27 100644 --- a/contrib/bind9/bin/named/client.c +++ b/contrib/bind9/bin/named/client.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: client.c,v 1.259.12.3 2009/01/29 22:40:33 jinmei Exp $ */ +/* $Id: client.c,v 1.259.12.3.24.2 2010/09/29 23:46:31 tbox Exp $ */ #include <config.h> @@ -1859,13 +1859,13 @@ client_request(isc_task_t *task, isc_event_t *event) { client->view->recursionacl, ISC_TRUE) == ISC_R_SUCCESS && ns_client_checkaclsilent(client, NULL, - client->view->queryacl, + client->view->cacheacl, ISC_TRUE) == ISC_R_SUCCESS && ns_client_checkaclsilent(client, &client->interface->addr, client->view->recursiononacl, ISC_TRUE) == ISC_R_SUCCESS && ns_client_checkaclsilent(client, &client->interface->addr, - client->view->queryonacl, + client->view->cacheonacl, ISC_TRUE) == ISC_R_SUCCESS) ra = ISC_TRUE; |