diff --git a/SOURCES/bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch b/SOURCES/bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch new file mode 100644 index 0000000..f15275f --- /dev/null +++ b/SOURCES/bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch @@ -0,0 +1,36 @@ +From 96f169464ea6ec54192c4e5307a9e3f4c85927e1 Mon Sep 17 00:00:00 2001 +From: Masahiro Matsuya +Date: Thu, 4 Apr 2024 15:07:34 +0900 +Subject: [PATCH] Rebuild required for BIND changes for KeyTrap change + +--- + src/mldap.c | 13 +------------ + 1 file changed, 1 insertion(+), 12 deletions(-) + +diff --git a/src/mldap.c b/src/mldap.c +index 088c7cb..501e106 100644 +--- a/src/mldap.c ++++ b/src/mldap.c +@@ -50,18 +50,7 @@ + static unsigned char uuid_rootname_ndata[] + = { 4, 'u', 'u', 'i', 'd', 4, 'l', 'd', 'a', 'p', 0 }; + static unsigned char uuid_rootname_offsets[] = { 0, 5, 10 }; +-static dns_name_t uuid_rootname = +-{ +- DNS_NAME_MAGIC, +- uuid_rootname_ndata, +- sizeof(uuid_rootname_ndata), +- sizeof(uuid_rootname_offsets), +- DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE, +- uuid_rootname_offsets, +- NULL, +- { (void *)-1, (void *)-1 }, +- { NULL, NULL } +-}; ++static dns_name_t uuid_rootname = DNS_NAME_INITABSOLUTE(uuid_rootname_ndata, uuid_rootname_offsets); + + struct mldapdb { + isc_mem_t *mctx; +-- +2.43.0 + diff --git a/SPECS/bind-dyndb-ldap.spec b/SPECS/bind-dyndb-ldap.spec index 10ab556..22e14f9 100644 --- a/SPECS/bind-dyndb-ldap.spec +++ b/SPECS/bind-dyndb-ldap.spec @@ -4,7 +4,7 @@ Name: bind-dyndb-ldap Version: 11.1 -Release: 7%{?dist} +Release: 7%{?dist}.1 Summary: LDAP back-end plug-in for BIND Group: System Environment/Libraries @@ -21,6 +21,7 @@ Patch6: bind-dyndb-ldap-pemensik-0008-Support-for-BIND-9.11.3.patch Patch7: bind-dyndb-ldap-pemensik-0009-Support-for-BIND-9.11.5.patch Patch8: bind-dyndb-ldap-pemensik-0010-Use-correct-dn-value.patch Patch9: bind-dyndb-ldap-template-attribute-defaults.patch +Patch10: bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -111,6 +112,9 @@ rm -rf %{buildroot} %changelog +* Wed May 22 2024 Stepan Broz - 11.1-7.1 +- Rebuild required for BIND changes for KeyTrap change (CVE-2023-50387) + * Wed Sep 04 2019 Alexander Bokovoy - 11.1-7 - Fix attribute templating in case of a missing default value - Resolves: rhbz#1748904