File bind-9.16-CVE-2024-4076.patch of Package bind

Overview Repositories Revisions Requests Users Attributes Meta

File bind-9.16-CVE-2024-4076.patch of Package bind

commit b5ed2908f09795cb928095259fce6ca173a12a78
Author: Nicki Křížek <nicki@isc.org>
Date:   Wed Jul 24 12:43:19 2024 +0000

[9.16] [CVE-2024-4076]
    
    Backport of MR isc-private/bind9!631
    
    Merge branch '4507-clear-zversion-v9_16' into 'bind-9.16'
    
    See merge request isc-projects/bind9!9175

diff --git a/CHANGES b/CHANGES
index 36169a577d..1a00427045 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,10 @@
 6396.	[security]	Remove SIG(0) support from named as a countermeasure
 			for CVE-2024-1975. [GL #4480]
 
+6383.	[bug]		qctx-zversion was not being cleared when it should have
+			been leading to an assertion failure if it needed to be
+			reused. (CVE-2024-4076) [GL #4507]
+
 	--- 9.16.50 released ---
 
 6364.	[protocol]	Add RESOLVER.ARPA to the built in empty zones.
diff --git a/lib/ns/query.c b/lib/ns/query.c
index 1290c308af..ec9bf5b769 100644
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -5260,6 +5260,7 @@ qctx_freedata(query_ctx_t *qctx) {
 		ns_client_releasename(qctx->client, &qctx->zfname);
 		dns_db_detachnode(qctx->zdb, &qctx->znode);
 		dns_db_detach(&qctx->zdb);
+		qctx->zversion = NULL;
 	}
 
 	if (qctx->event != NULL && !qctx->client->nodetach) {

Places

File bind-9.16-CVE-2024-4076.patch of Package bind

Places