CVE-2017-15091
This commit is contained in:
parent
cef7f55849
commit
7f366c2f25
|
@ -0,0 +1,30 @@
|
|||
diff -ru pdns-3.4.11.orig/pdns/ws-auth.cc pdns-3.4.11/pdns/ws-auth.cc
|
||||
--- pdns-3.4.11.orig/pdns/ws-auth.cc 2017-01-13 09:13:16.000000000 +0100
|
||||
+++ pdns-3.4.11/pdns/ws-auth.cc 2017-11-02 18:03:50.635753956 +0100
|
||||
@@ -895,7 +895,7 @@
|
||||
static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) {
|
||||
string zonename = apiZoneIdToName(req->parameters["id"]);
|
||||
|
||||
- if(req->method != "PUT")
|
||||
+ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
|
||||
throw HttpMethodNotAllowedException();
|
||||
|
||||
UeberBackend B;
|
||||
@@ -914,7 +914,7 @@
|
||||
static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) {
|
||||
string zonename = apiZoneIdToName(req->parameters["id"]);
|
||||
|
||||
- if(req->method != "PUT")
|
||||
+ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
|
||||
throw HttpMethodNotAllowedException();
|
||||
|
||||
UeberBackend B;
|
||||
@@ -1195,7 +1195,7 @@
|
||||
}
|
||||
|
||||
void apiServerFlushCache(HttpRequest* req, HttpResponse* resp) {
|
||||
- if(req->method != "PUT")
|
||||
+ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
|
||||
throw HttpMethodNotAllowedException();
|
||||
|
||||
extern PacketCache PC;
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
Name: pdns
|
||||
Version: 3.4.11
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: A modern, advanced and high performance authoritative-only nameserver
|
||||
Group: System Environment/Daemons
|
||||
License: GPLv2
|
||||
|
@ -12,6 +12,7 @@ Source0: http://downloads.powerdns.com/releases/%{name}-%{version}.tar.bz2
|
|||
Patch0: pdns-default-config.patch
|
||||
Patch1: pdns-systemd.patch
|
||||
Patch2: pdns-disable-secpoll.patch
|
||||
Patch3: CVE-2017-15091-3.4.11.patch
|
||||
|
||||
Requires(pre): shadow-utils
|
||||
Requires(post): systemd-sysv
|
||||
|
@ -174,6 +175,7 @@ This package contains the LMDB backend for %{name}
|
|||
%patch0 -p1 -b .default-config-patch
|
||||
%patch1 -p1 -b .systemd-patch
|
||||
%patch2 -p1 -b .disable-secpoll
|
||||
%patch3 -p1 -b .CVE-2017-15091
|
||||
|
||||
%build
|
||||
export CPPFLAGS="-DLDAP_DEPRECATED"
|
||||
|
@ -323,6 +325,9 @@ exit 0
|
|||
%{_libdir}/%{name}/liblmdbbackend.so
|
||||
|
||||
%changelog
|
||||
* Thu Feb 01 2018 Morten Stevens <mstevens@fedoraproject.org> - 3.4.11-4
|
||||
- CVE-2017-15091
|
||||
|
||||
* Mon Jan 29 2018 Richard Shaw <hobbes1069@gmail.com> - 3.4.11-3
|
||||
- Rebuild for reverting yaml-cpp back to 0.5.1.
|
||||
|
||||
|
|
Loading…
Reference in New Issue