extra/djbdns: security fix

http://securityandthe.net/2009/03/05/security-issue-in-djbdns-confirmed/

2 files changed, 14 insertions, 1 deletions

diff --git a/extra/djbdns/1.05-response.patch b/extra/djbdns/1.05-response.patch
new file mode 100644
index 000000000..eb6ae5904
--- /dev/null
+++ b/extra/djbdns/1.05-response.patch
@@ -0,0 +1,11 @@
+--- a/response.c.orig     2009-02-24 21:04:06.000000000 -0800
++++ b/response.c  2009-02-24 21:04:25.000000000 -0800
+@@ -34,7 +34,7 @@
+         uint16_pack_big(buf,49152 + name_ptr[i]);
+         return response_addbytes(buf,2);
+       }
+-    if (dlen <= 128)
++    if ((dlen <= 128) && (response_len < 16384))
+       if (name_num < NAMES) {
+        byte_copy(name[name_num],dlen,d);
+        name_ptr[name_num] = response_len;
diff --git a/extra/djbdns/APKBUILD b/extra/djbdns/APKBUILD
index 4449d1d0a..f05c45608 100644
--- a/extra/djbdns/APKBUILD
+++ b/extra/djbdns/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=djbdns
 pkgver=1.05
-pkgrel=22
+pkgrel=23
 pkgdesc="Excellent high-performance DNS services"
 url="http://cr.yp.to/djbdns.html"
 license="public-domain"
@@ -12,6 +12,7 @@ source="http://cr.yp.to/djbdns/$pkgname-$pkgver.tar.gz
 	dnsroots.patch
 	dnstracesort.patch
 	$pkgver-errno.patch
+	$pkgver-response.patch
 	tinydns.install
 	tinydns.initd
 	tinydns.confd
@@ -76,6 +77,7 @@ md5sums="3147c5cd56832aa3b41955c7a51cbeb2  djbdns-1.05.tar.gz
 dfd675b2775efcbb604413a84db8bf1a  dnsroots.patch
 6fe7f473233f1c86b76261afd8345bf0  dnstracesort.patch
 c7be73fe2fb4ae02d5096fa2c1f55a68  1.05-errno.patch
+1292500c04baba3995d9753fe40fdc94  1.05-response.patch
 2e1cd0923248120f8d066967781538be  tinydns.install
 d7be449f5f90457ba785aebb1cadbf88  tinydns.initd
 7dcf6674c07d46c736b3c25d9c92384a  tinydns.confd