From nobody@FreeBSD.org  Wed Sep 19 07:31:13 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B567D106566C
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 19 Sep 2012 07:31:13 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 9E19E8FC16
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 19 Sep 2012 07:31:13 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.5/8.14.5) with ESMTP id q8J7VCQc079944
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 19 Sep 2012 07:31:12 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.5/8.14.5/Submit) id q8J7VCo2079938;
	Wed, 19 Sep 2012 07:31:12 GMT
	(envelope-from nobody)
Message-Id: <201209190731.q8J7VCo2079938@red.freebsd.org>
Date: Wed, 19 Sep 2012 07:31:12 GMT
From: Alexey <alexey@kouznetsov.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Bind security problem: A Specially Crafted Resource Record Could Cause named to Terminate
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         171765
>Category:       bin
>Synopsis:       Bind security problem: A Specially Crafted Resource Record Could Cause named to Terminate
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 19 07:40:10 UTC 2012
>Closed-Date:    Wed Sep 19 18:26:42 UTC 2012
>Last-Modified:  Wed Sep 19 18:26:42 UTC 2012
>Originator:     Alexey
>Release:        Any supported
>Organization:
>Environment:
ISC Bind related, included in base system.
>Description:
http://www.isc.org/software/bind/advisories/cve-2012-4244

-cut-
A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record.

If a record with RDATA in excess of 65535 bytes is loaded into a nameserver, a subsequent query for that record will cause named to exit with an assertion failure.

Please Note: Versions of BIND 9.4 and 9.5 are also affected, but these branches are beyond their "end of life" (EOL) and no longer receive testing or security fixes from ISC.

This vulnerability can be exploited remotely against recursive servers by inducing them to query for records provided by an authoritative server. It affects authoritative servers if a zone containing this type of resource record is loaded from file or provided via zone transfer.
-cut-
>How-To-Repeat:

>Fix:
ISC released patches for the problem. Merge patches to the source tree .

BIND versions where problem fixed:
BIND 9 version 9.7.7, 9.7.6-P3
BIND 9 version 9.6-ESV-R8, 9.6-ESV-R7-P3
BIND 9 version 9.8.4, 9.8.3-P3
BIND 9 version 9.9.2, 9.9.1-P3

port versions already updated. Problem still in main base.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dougb 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Wed Sep 19 16:48:12 UTC 2012 
Responsible-Changed-Why:  
this is your area of expertise 

http://www.freebsd.org/cgi/query-pr.cgi?pr=171765 
State-Changed-From-To: open->closed 
State-Changed-By: dougb 
State-Changed-When: Wed Sep 19 18:26:11 UTC 2012 
State-Changed-Why:  

As you well know, I'm already aware of this issue. Your PRs are not helping. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=171765 
>Unformatted:
