Bug 132366

Summary: [PATCH] dns/djbdns: Fix a recent bug (AXFRed subdomains overwrite domains)
Product: Ports & Packages
Reporter: Renato Botelho <garga>
Component: Individual Port(s)
Assignee: Peter Pentchev <roam>
Status: Closed FIXED
Severity: Affects Only Me
CC: roam
Priority: Normal
Version: Latest
Hardware: Any
OS: Any
Attachments:
Description Flags
djbdns-1.05_13.patch none

Description Renato Botelho freebsd_committer freebsd_triage 2009-03-06 16:10:04 UTC
If the administrator of example.com publishes the example.com DNS data
through tinydns and axfrdns, and includes data for sub.example.com
transferred from an untrusted third party, then that third party can
control cache entries for example.com, not just sub.example.com. This is
the result of a bug in djbdns pointed out by Matthew Dempsky. (In short,
axfrdns compresses some outgoing DNS packets incorrectly.)

More detailed description at:

Since I'm here, pacify portlint a bit by removing quotes from BROKEN messages.

Added file(s):
- files/patch-response.c

Port maintainer (roam@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.77
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2009-03-06 16:10:15 UTC
Responsible Changed
From-To: freebsd-ports-bugs->roam

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 dfilter service freebsd_committer freebsd_triage 2009-03-06 16:20:26 UTC
roam        2009-03-06 16:20:17 UTC

  FreeBSD ports repository

  Modified files:
    dns/djbdns           Makefile 
  Added files:
    dns/djbdns/files     patch-response.c 
  Log:
  Fix the AXFR subdomain overwrite vulnerability discovered by
  Matthew Dempsky.  Also, fix the quoting of the BROKEN messages.
  
  PR:             132366, 132349
  Submitted by:   Renato Botelho <garga@FreeBSD.org>,
                  Howard Goldstein <hg@queue.to>
  
  Revision  Changes    Path
  1.34      +3 -3      ports/dns/djbdns/Makefile
  1.1       +11 -0     ports/dns/djbdns/files/patch-response.c (new)
Comment 3 Peter Pentchev freebsd_committer freebsd_triage 2009-03-06 16:20:33 UTC
State Changed
From-To: open->closed

I've just committed the patch.  Thanks!