summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSven Wegener <swegener@gentoo.org>2017-11-27 17:32:22 +0000
committerSven Wegener <swegener@gentoo.org>2017-11-27 17:36:52 +0000
commita51a7518f3cf54a0c50b6aca22459b761d6525f7 (patch)
treefeef9fc009d232d6ea9fee1b35b18f0a6cc41d80 /net-dns/pdns/files
parentwww-apps/icingaweb2: 2.5.0 bup (diff)
downloadgentoo-a51a7518f3cf54a0c50b6aca22459b761d6525f7.tar.gz
gentoo-a51a7518f3cf54a0c50b6aca22459b761d6525f7.tar.bz2
gentoo-a51a7518f3cf54a0c50b6aca22459b761d6525f7.zip
net-dns/pdns: Revision bump, security bug #638566
Package-Manager: Portage-2.3.14, Repoman-2.3.6 Signed-off-by: Sven Wegener <swegener@gentoo.org>
Diffstat (limited to 'net-dns/pdns/files')
-rw-r--r--net-dns/pdns/files/CVE-2017-15091-4.0.4.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/net-dns/pdns/files/CVE-2017-15091-4.0.4.patch b/net-dns/pdns/files/CVE-2017-15091-4.0.4.patch
new file mode 100644
index 000000000000..a9506af8ef95
--- /dev/null
+++ b/net-dns/pdns/files/CVE-2017-15091-4.0.4.patch
@@ -0,0 +1,30 @@
+diff -ru pdns-4.0.4.orig/pdns/ws-auth.cc pdns-4.0.4/pdns/ws-auth.cc
+--- pdns-4.0.4.orig/pdns/ws-auth.cc 2017-06-22 22:07:25.000000000 +0200
++++ pdns-4.0.4/pdns/ws-auth.cc 2017-11-02 18:07:20.986764858 +0100
+@@ -860,7 +860,7 @@
+ static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) {
+ DNSName zonename = apiZoneIdToName(req->parameters["id"]);
+
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ UeberBackend B;
+@@ -879,7 +879,7 @@
+ static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) {
+ DNSName zonename = apiZoneIdToName(req->parameters["id"]);
+
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ UeberBackend B;
+@@ -1191,7 +1191,7 @@
+ }
+
+ void apiServerCacheFlush(HttpRequest* req, HttpResponse* resp) {
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ DNSName canon = apiNameToDNSName(req->getvars["domain"]);