Blame SOURCES/bind99-CVE-2017-3136.patch
|
 |
900526 |
From d4d151cf34fab415e2823deada3433df7f475c71 Mon Sep 17 00:00:00 2001
|
|
|
900526 |
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
|
|
900526 |
Date: Tue, 11 Apr 2017 16:19:08 +0200
|
|
|
900526 |
Subject: [PATCH 1/3] 4575. [security] DNS64 with "break-dnssec yes;"
|
|
|
900526 |
can result in an assertion failure. (CVE-2017-3136)
|
|
|
900526 |
[RT #44653]
|
|
|
900526 |
|
|
|
900526 |
---
|
|
|
900526 |
bin/named/query.c | 1 +
|
|
|
900526 |
1 file changed, 1 insertion(+)
|
|
|
900526 |
|
|
|
900526 |
diff --git a/bin/named/query.c b/bin/named/query.c
|
|
|
900526 |
index f60078b..6e988f5 100644
|
|
|
900526 |
--- a/bin/named/query.c
|
|
|
900526 |
+++ b/bin/named/query.c
|
|
|
900526 |
@@ -7324,6 +7324,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
|
|
|
900526 |
result = query_dns64(client, &fname, rdataset,
|
|
|
900526 |
sigrdataset, dbuf,
|
|
|
900526 |
DNS_SECTION_ANSWER);
|
|
|
900526 |
+ noqname = NULL;
|
|
|
900526 |
dns_rdataset_disassociate(rdataset);
|
|
|
900526 |
dns_message_puttemprdataset(client->message, &rdataset);
|
|
|
900526 |
if (result == ISC_R_NOMORE) {
|
|
|
900526 |
--
|
|
|
900526 |
2.9.3
|
|
|
900526 |
|