diff options
| author | Noah Meyerhans <frodo@morgul.net> | 2022-09-21 11:57:50 -0700 |
|---|---|---|
| committer | Rosen Penev <rosenp@gmail.com> | 2022-09-22 01:22:39 -0700 |
| commit | ba76684a3d487fb92b3824aa3a0b7a20fd86ea9a (patch) | |
| tree | d568249472b5b291a780a73fecbb4395c1191ef0 | |
| parent | 8cb0ed95dd101b1c8d4b44482ef2033a202b030f (diff) | |
bind: bump to 9.18.7
Fixes multiple security issues:
CVE-2022-38178 - Fix memory leak in EdDSA verify processing
CVE-2022-3080 - Fix serve-stale crash that could happen when
stale-answer-client-timeout was set to 0 and there was
a stale CNAME in the cache for an incoming query
CVE-2022-2906 - Fix memory leaks in the DH code when using OpenSSL 3.0.0
and later versions. The openssldh_compare(),
openssldh_paramcompare(), and openssldh_todns()
functions were affected
CVE-2022-2881 - When an HTTP connection was reused to get
statistics from the stats channel, and zlib
compression was in use, each successive
response sent larger and larger blocks of memory,
potentially reading past the end of the allocated
buffer
CVE-2022-2795 - Prevent excessive resource use while processing large
delegations
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
| -rw-r--r-- | net/bind/Makefile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/bind/Makefile b/net/bind/Makefile index 779dc1759..bc4a9a877 100644 --- a/net/bind/Makefile +++ b/net/bind/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bind -PKG_VERSION:=9.18.4 +PKG_VERSION:=9.18.7 PKG_RELEASE:=$(AUTORELEASE) USERID:=bind=57:bind=57 @@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:= \ https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \ https://ftp.isc.org/isc/bind9/$(PKG_VERSION) -PKG_HASH:=f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d +PKG_HASH:=9e2acf1698f49d70ad12ffbad39ec6716a7da524e9ebd98429c7c70ba1262981 PKG_FIXUP:=autoreconf PKG_REMOVE_FILES:=aclocal.m4 libtool.m4 |