rpms/bind/F-7 bind.spec,1.198,1.199
Adam Tkac (atkac)
fedora-extras-commits at redhat.com
Wed Dec 19 16:27:10 UTC 2007
Author: atkac
Update of /cvs/pkgs/rpms/bind/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3718
Modified Files:
bind.spec
Log Message:
- CVE-2007-6283
Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-7/bind.spec,v
retrieving revision 1.198
retrieving revision 1.199
diff -u -r1.198 -r1.199
--- bind.spec 5 Dec 2007 12:12:52 -0000 1.198
+++ bind.spec 19 Dec 2007 16:26:33 -0000 1.199
@@ -18,7 +18,7 @@
Name: bind
License: BSD-like
Version: 9.4.2
-Release: 1.1%{?dist}
+Release: 2%{?dist}
Epoch: 31
Url: http://www.isc.org/products/BIND/
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -484,6 +484,9 @@
# fix potential problem with older versions
/bin/sed -i -e 's^@KEY@^'`/usr/sbin/dns-keygen`'^' /etc/rndc.key ;
fi
+ # rndc.key has to have correct perms and ownership, CVE-2007-6283
+ [ -e /etc/rndc.key ] && chown root:named /etc/rndc.key
+ [ -e /etc/rndc.key ] && chmod 0640 /etc/rndc.key
%if %{selinux}
[ -e /selinux/enforce ] && [ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.* /etc/named.* >/dev/null 2>&1 ;
%endif
@@ -523,6 +526,12 @@
fi
:;
+%triggerpostun -n bind -- bind <= 31:9.4.2-2
+if [ "$1" -gt 0 ]; then
+ [ -e /etc/rndc.key ] && chown root:named /etc/rndc.key
+ [ -e /etc/rndc.key ] && chmod 0640 /etc/rndc.key
+fi
+:;
%post libs -p /sbin/ldconfig
@@ -777,6 +786,9 @@
%changelog
+* Wed Dec 19 2007 Adam Tkac <atkac redhat com> 31:9.4.2-2
+- CVE-2007-6283
+
* Wed Dec 05 2007 Adam Tkac <atkac redhat com> 31:9.4.2-1.1
- update named.ca file (new L.ROOT-SERVERS.NET, #411141)
More information about the fedora-extras-commits
mailing list