From 7e24dfe67f2c966604f432a9a73c6772198c3238 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Feb 27 2023 12:10:51 +0000 Subject: import bind9.16-9.16.23-0.13.el8 --- diff --git a/SOURCES/bind-9.16-CVE-2022-3094-1.patch b/SOURCES/bind-9.16-CVE-2022-3094-1.patch new file mode 100644 index 0000000..53f6629 --- /dev/null +++ b/SOURCES/bind-9.16-CVE-2022-3094-1.patch @@ -0,0 +1,241 @@ +From 0c0dc08d3ef26b7411cfe089e8144454831e8af5 Mon Sep 17 00:00:00 2001 +From: Evan Hunt +Date: Thu, 1 Sep 2022 16:05:04 -0700 +Subject: [PATCH] add an update quota + +limit the number of simultaneous DNS UPDATE events that can be +processed by adding a quota for update and update forwarding. +this quota currently, arbitrarily, defaults to 100. + +also add a statistics counter to record when the update quota +has been exceeded. + +(cherry picked from commit 7c47254a140c3e9cf383cda73c7b6a55c4782826) +--- + bin/named/bind9.xsl | 4 +++- + bin/named/bind9.xsl.h | 6 +++++- + bin/named/statschannel.c | 5 +++-- + doc/arm/reference.rst | 5 +++++ + lib/ns/include/ns/server.h | 1 + + lib/ns/include/ns/stats.h | 4 +++- + lib/ns/server.c | 2 ++ + lib/ns/update.c | 38 +++++++++++++++++++++++++++++++++++++- + 8 files changed, 59 insertions(+), 6 deletions(-) + +diff --git a/bin/named/bind9.xsl b/bin/named/bind9.xsl +index 5078115..194625b 100644 +--- a/bin/named/bind9.xsl ++++ b/bin/named/bind9.xsl +@@ -12,7 +12,9 @@ + + + +- ++ ++ ++ + + + +diff --git a/bin/named/bind9.xsl.h b/bin/named/bind9.xsl.h +index e30f7f5..b182742 100644 +--- a/bin/named/bind9.xsl.h ++++ b/bin/named/bind9.xsl.h +@@ -20,7 +20,11 @@ static char xslmsg[] = + "\n" + " \n" +- " \n" ++ " \n" ++ " \n" ++ " \n" + " \n" + " \n" + "