Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 174129 - critical upstream bug fixes need backporting
Summary: critical upstream bug fixes need backporting
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: bind
Version: 3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact: Ben Levenson
Depends On: 174127
Blocks: RHEL3U8CanFix
TreeView+ depends on / blocked
Reported: 2005-11-24 21:38 UTC by Jason Vas Dias
Modified: 2007-11-30 22:07 UTC (History)
0 users

Fixed In Version: RHBA-2006-0287
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2006-07-20 14:58:27 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2006:0287 normal SHIPPED_LIVE bind bug fix update 2006-07-19 19:07:00 UTC

Description Jason Vas Dias 2005-11-24 21:38:06 UTC
+++ This bug was initially created as a clone of Bug #174127 +++

Description of problem:

These BIND bugs have been fixed by the upstream ISC BIND maintainers,
and the fixes have been reviewed and tested. I have selected this bare
minimum set of bug fixes from the ISC BIND 9.2.6 release, verified that
the code changes fix genuine problems in the Linux BIND source, and have
backported them to the RHEL-4 bind-9.2.4 release . 

No new features are added by these bug fixes - they fix known problems in
the BIND source code only.

New test cases have been added to the test suite and all tests pass.

        --- ISC BIND 9.2.6 fixes backported to RHEL-4 BIND 9.2.4 ---

1923.   [bug]           ns_client_detach() called too early. [RT #15499]

1895.   [bug]           A escaped character is, potentially, converted to
                        the output character set too early. [RT #14666]

1886.   [bug]           fctx_create() could return success even though it
                        failed. [RT #14993]

1883.   [bug]           dnssec-signzone, dnssec-keygen, dnssec-signkey,
                        dnssec-makekeyset: handle negative debug levels.
                        [RT #14962]

1877.   [bug]           Fix unreasonably low quantum on call to
                        dns_rbt_destroy2().  Remove unnecessay unhash_node()
                        call. [RT #14919]

1875.   [bug]           process_dhtkey() was using the wrong memory context
                        to free some memory. [RT #14890]

1871.   [bug]           dnssec_makekeyset and dnssec-signkey failed to
                        initalize the hash context. [RT #13771]

1854.   [bug]           lwres also needs to know the print format for
                        (long long).  [RT #13754]

1850.   [bug]           Memory leak in lwres_getipnodebyaddr(). [RT #14591]

1847.   [bug]           isc_ondestroy_init() is called too late in
                        [RT #13661]

1844.   [bug]           inet_pton() accepted more that 4 hexadecimal digits
                        for each 16 bit piece of the IPv6 address.  The text
                        representation of a IPv6 address has been tighted
                        to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt).
                        [RT #5662]

1835.   [bug]           Update dnssec-signzone's usage message. [RT #13657]

1833.   [bug]           Race condition in isc_mutex_lock_profile(). [RT #13660]

1832.   [bug]           named fails to return BADKEY on unknown TSIG algorithm.
                        [RT #13620] (tsig.c)

1830.   [bug]           adb lame cache has sence of test reversed. [RT #13600]

1828.   [bug]           isc_rwlock_init() failed to properly cleanup if it
                        encountered a error. [RT #13549]

1826.   [bug]           Missing DESTROYLOCK() in isc_mem_createx() on out
                        of memory error. [RT #13537]

1825.   [bug]           Missing UNLOCK() on out of memory error from in
                        rbtdb.c:subtractrdataset(). [RT #13519]

1824.   [bug]           Memory leak on dns_zone_setdbtype() failure.
                        [RT #13510]

1823.   [bug]           Wrong macro used to check for point to point interface.

1820.   [bug]           Gracefully handle acl loops. [RT #13659]

1815.   [bug]           nsupdate triggered a REQUIRE if the server was set
                        without also setting the zone and it encountered
                        a CNAME and was using TSIG.  [RT #13086]

1807.   [bug]           When forwarding (forward only) set the active domain
                        from the forward zone name. [RT #13526]

1804.   [bug]           Ensure that if we are queried for glue that it fits
                        in the additional section or TC is set to tell the
                        client to retry using TCP. [RT #10114]

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
Expect any of the above bugs to be fixed
Actual results:
They are not fixed

Additional info:
Running the bind test-suite in RHTS will verify these fixes.

-- Additional comment from on 2005-11-24 16:14 EST --
These fixes have been backported in the bind-9.2.4-14_EL4 release, with
source code patch 'bind-9.2.4-9-2-6-backport.patch' .

N.B.: fix for ISC bugs: - 1825 and 1847 - should fix RHEL-4 bind bug 173961 .

Comment 1 Jason Vas Dias 2005-11-29 00:02:44 UTC
fixed with bind-9.2.4-16.EL4

Comment 9 Bob Johnson 2006-04-11 16:01:16 UTC
This issue is on Red Hat Engineering's list of planned work items 
for the upcoming Red Hat Enterprise Linux 3.8 release.  Engineering 
resources have been assigned and barring unforeseen circumstances, Red 
Hat intends to include this item in the 3.8 release.

Comment 11 Red Hat Bugzilla 2006-07-20 14:58:27 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

Note You need to log in before you can comment on or make changes to this bug.