Red Hat Bugzilla – Bug 174127
critical upstream bug fixes need backporting
Last modified: 2007-11-30 17:07:21 EST
Description of problem:
These BIND bugs have been fixed by the upstream ISC BIND maintainers,
and the fixes have been reviewed and tested. I have selected this bare
minimum set of bug fixes from the ISC BIND 9.2.6 release, verified that
the code changes fix genuine problems in the Linux BIND source, and have
backported them to the RHEL-4 bind-9.2.4 release .
No new features are added by these bug fixes - they fix known problems in
the BIND source code only.
New test cases have been added to the test suite and all tests pass.
--- ISC BIND 9.2.6 fixes backported to RHEL-4 BIND 9.2.4 ---
1923. [bug] ns_client_detach() called too early. [RT #15499]
1895. [bug] A escaped character is, potentially, converted to
the output character set too early. [RT #14666]
1886. [bug] fctx_create() could return success even though it
failed. [RT #14993]
1883. [bug] dnssec-signzone, dnssec-keygen, dnssec-signkey,
dnssec-makekeyset: handle negative debug levels.
1877. [bug] Fix unreasonably low quantum on call to
dns_rbt_destroy2(). Remove unnecessay unhash_node()
call. [RT #14919]
1875. [bug] process_dhtkey() was using the wrong memory context
to free some memory. [RT #14890]
1871. [bug] dnssec_makekeyset and dnssec-signkey failed to
initalize the hash context. [RT #13771]
1854. [bug] lwres also needs to know the print format for
(long long). [RT #13754]
1850. [bug] Memory leak in lwres_getipnodebyaddr(). [RT #14591]
1847. [bug] isc_ondestroy_init() is called too late in
1844. [bug] inet_pton() accepted more that 4 hexadecimal digits
for each 16 bit piece of the IPv6 address. The text
representation of a IPv6 address has been tighted
to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt).
1835. [bug] Update dnssec-signzone's usage message. [RT #13657]
1833. [bug] Race condition in isc_mutex_lock_profile(). [RT #13660]
1832. [bug] named fails to return BADKEY on unknown TSIG algorithm.
[RT #13620] (tsig.c)
1830. [bug] adb lame cache has sence of test reversed. [RT #13600]
1828. [bug] isc_rwlock_init() failed to properly cleanup if it
encountered a error. [RT #13549]
1826. [bug] Missing DESTROYLOCK() in isc_mem_createx() on out
of memory error. [RT #13537]
1825. [bug] Missing UNLOCK() on out of memory error from in
rbtdb.c:subtractrdataset(). [RT #13519]
1824. [bug] Memory leak on dns_zone_setdbtype() failure.
1823. [bug] Wrong macro used to check for point to point interface.
1820. [bug] Gracefully handle acl loops. [RT #13659]
1815. [bug] nsupdate triggered a REQUIRE if the server was set
without also setting the zone and it encountered
a CNAME and was using TSIG. [RT #13086]
1807. [bug] When forwarding (forward only) set the active domain
from the forward zone name. [RT #13526]
1804. [bug] Ensure that if we are queried for glue that it fits
in the additional section or TC is set to tell the
client to retry using TCP. [RT #10114]
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Expect any of the above bugs to be fixed
They are not fixed
Running the bind test-suite in RHTS will verify these fixes.
These fixes have been backported in the bind-9.2.4-14_EL4 release, with
source code patch 'bind-9.2.4-9-2-6-backport.patch' .
N.B.: fix for ISC bugs: - 1825 and 1847 - should fix RHEL-4 bind bug 173961 .
Adding to U3 proposed list. Jason, the backport patch doesn't include the test
suite changes which might verify that these bugs are fixed. Is that the intent?
(In reply to comment #2)
> Jason, the backport patch doesn't include the test
> suite changes which might verify that these bugs are fixed.
> Is that the intent?
Yes, the test suite will test all BIND operations affected by the patches.
This issue is on Red Hat Engineering's list of planned work items
for the upcoming Red Hat Enterprise Linux 3.8 release. Engineering
resources have been assigned and barring unforeseen circumstances, Red
Hat intends to include this item in the 3.8 release.
Status should not be "NEEDINFO_ENG" - changes were submitted, packages built,
errata raised - changing status to "MODIFIED".
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.