Bug 174129

Summary: critical upstream bug fixes need backporting
Product: Red Hat Enterprise Linux 3 Reporter: Jason Vas Dias <jvdias>
Component: bindAssignee: Jason Vas Dias <jvdias>
Status: CLOSED ERRATA QA Contact: Ben Levenson <benl>
Severity: high Docs Contact:
Priority: medium    
Version: 3.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2006-0287 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-20 14:58:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 174127    
Bug Blocks: 181405    

Description Jason Vas Dias 2005-11-24 21:38:06 UTC 
+++ This bug was initially created as a clone of Bug #174127 +++

Description of problem:

These BIND bugs have been fixed by the upstream ISC BIND maintainers,
and the fixes have been reviewed and tested. I have selected this bare
minimum set of bug fixes from the ISC BIND 9.2.6 release, verified that
the code changes fix genuine problems in the Linux BIND source, and have
backported them to the RHEL-4 bind-9.2.4 release . 

No new features are added by these bug fixes - they fix known problems in
the BIND source code only.

New test cases have been added to the test suite and all tests pass.

        --- ISC BIND 9.2.6 fixes backported to RHEL-4 BIND 9.2.4 ---

1923.   [bug]           ns_client_detach() called too early. [RT #15499]

1895.   [bug]           A escaped character is, potentially, converted to
                        the output character set too early. [RT #14666]

1886.   [bug]           fctx_create() could return success even though it
                        failed. [RT #14993]

1883.   [bug]           dnssec-signzone, dnssec-keygen, dnssec-signkey,
                        dnssec-makekeyset: handle negative debug levels.
                        [RT #14962]

1877.   [bug]           Fix unreasonably low quantum on call to
                        dns_rbt_destroy2().  Remove unnecessay unhash_node()
                        call. [RT #14919]

1875.   [bug]           process_dhtkey() was using the wrong memory context
                        to free some memory. [RT #14890]

1871.   [bug]           dnssec_makekeyset and dnssec-signkey failed to
                        initalize the hash context. [RT #13771]

1854.   [bug]           lwres also needs to know the print format for
                        (long long).  [RT #13754]

1850.   [bug]           Memory leak in lwres_getipnodebyaddr(). [RT #14591]

1847.   [bug]           isc_ondestroy_init() is called too late in
                        dns_rbtdb_create()/dns_rbtdb64_create().
                        [RT #13661]

1844.   [bug]           inet_pton() accepted more that 4 hexadecimal digits
                        for each 16 bit piece of the IPv6 address.  The text
                        representation of a IPv6 address has been tighted
                        to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt).
                        [RT #5662]

1835.   [bug]           Update dnssec-signzone's usage message. [RT #13657]

1833.   [bug]           Race condition in isc_mutex_lock_profile(). [RT #13660]

1832.   [bug]           named fails to return BADKEY on unknown TSIG algorithm.
                        [RT #13620] (tsig.c)

1830.   [bug]           adb lame cache has sence of test reversed. [RT #13600]

1828.   [bug]           isc_rwlock_init() failed to properly cleanup if it
                        encountered a error. [RT #13549]

1826.   [bug]           Missing DESTROYLOCK() in isc_mem_createx() on out
                        of memory error. [RT #13537]

1825.   [bug]           Missing UNLOCK() on out of memory error from in
                        rbtdb.c:subtractrdataset(). [RT #13519]

1824.   [bug]           Memory leak on dns_zone_setdbtype() failure.
                        [RT #13510]

1823.   [bug]           Wrong macro used to check for point to point interface.

1820.   [bug]           Gracefully handle acl loops. [RT #13659]

1815.   [bug]           nsupdate triggered a REQUIRE if the server was set
                        without also setting the zone and it encountered
                        a CNAME and was using TSIG.  [RT #13086]

1807.   [bug]           When forwarding (forward only) set the active domain
                        from the forward zone name. [RT #13526]

1804.   [bug]           Ensure that if we are queried for glue that it fits
                        in the additional section or TC is set to tell the
                        client to retry using TCP. [RT #10114]


 
Version-Release number of selected component (if applicable):

bind-9.2.4-12(-)

How reproducible:
100%

Steps to Reproduce:
Expect any of the above bugs to be fixed
  
Actual results:
They are not fixed

Additional info:
Running the bind test-suite in RHTS will verify these fixes.

-- Additional comment from jvdias on 2005-11-24 16:14 EST --
These fixes have been backported in the bind-9.2.4-14_EL4 release, with
source code patch 'bind-9.2.4-9-2-6-backport.patch' .

N.B.: fix for ISC bugs: - 1825 and 1847 - should fix RHEL-4 bind bug 173961 .
Comment 1 Jason Vas Dias 2005-11-29 00:02:44 UTC 
fixed with bind-9.2.4-16.EL4
Comment 9 Bob Johnson 2006-04-11 16:01:16 UTC 
This issue is on Red Hat Engineering's list of planned work items 
for the upcoming Red Hat Enterprise Linux 3.8 release.  Engineering 
resources have been assigned and barring unforeseen circumstances, Red 
Hat intends to include this item in the 3.8 release.
Comment 11 Red Hat Bugzilla 2006-07-20 14:58:27 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0287.html