From the URL:
A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query.
BIND 9 version 9.8.5-P2 and 9.9.3-P2 have been released to resolve this.
*** Bug 478464 has been marked as a duplicate of this bug. ***
Created attachment 354474 [details]
ebuild for Bind 9.9.3_p2
Here is an ebuild for Bind 9.9.3_p2; the only change I had to make was to remove the patch for bug 463626 which was added upstream.
I built and tested this ebuild using a minimal set of use flags and I also built but did not extensively test a more full-featured build with most of the database backends enabled.
Created attachment 354554 [details, diff]
Please submit diffs.
- stable keywords?
- no newstats/ecdsa?
- no systemd unit file?
- no generate-rndc-key.sh?
9.9.3-P2 has been added yesterday. Feel free to stabilize.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
GLSA vote: yes
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before
9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND
9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause
a denial of service (assertion failure and named daemon exit) via a query
with a malformed RDATA section that is not properly handled during
construction of a log message, as exploited in the wild in July 2013.
Added to existing request.
This issue was resolved and addressed in
GLSA 201401-34 at http://security.gentoo.org/glsa/glsa-201401-34.xml
by GLSA coordinator Sean Amoss (ackle).