dhcp/backport-0003-CVE-2024-1737.patch

From b27c6bcce894786a8e082eafd59eccbf6f2731cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Mon, 17 Jun 2024 11:40:40 +0200
Subject: [PATCH] Expand the list of the priority types and move it to db_p.h
 
Add HTTPS, SVCB, SRV, PTR, NAPTR, DNSKEY and TXT records to the list of
the priority types that are put at the beginning of the slabheader list
for faster access and to avoid eviction when there are more types than
the max-types-per-name limit.
 
Conflict:NA
Reference:https://gitlab.isc.org/isc-projects/bind9/-/commit/b27c6bcce894786a8e082eafd59eccbf6f2731cb
 
---
 bind/bind-9.11.36/lib/dns/rbtdb.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 
diff --git a/bind/bind-9.11.36/lib/dns/rbtdb.c b/bind/bind-9.11.36/lib/dns/rbtdb.c
index 0cfef36..0aed13c 100644
--- a/bind/bind-9.11.36/lib/dns/rbtdb.c
+++ b/bind/bind-9.11.36/lib/dns/rbtdb.c
@@ -1171,6 +1171,8 @@ prio_type(rbtdb_rdatatype_t type) {
 	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_soa):
 	case dns_rdatatype_a:
 	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_a):
+	case dns_rdatatype_mx:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_mx):
 	case dns_rdatatype_aaaa:
 	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_aaaa):
 	case dns_rdatatype_nsec:
@@ -1183,6 +1185,18 @@ prio_type(rbtdb_rdatatype_t type) {
 	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_ds):
 	case dns_rdatatype_cname:
 	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_cname):
+	case dns_rdatatype_dname:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_dname):
+	case dns_rdatatype_dnskey:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_dnskey):
+	case dns_rdatatype_srv:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_srv):
+	case dns_rdatatype_txt:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_txt):
+	case dns_rdatatype_ptr:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_ptr):
+	case dns_rdatatype_naptr:
+	case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_naptr):
 		return (true);
 	}
 	return (false);
-- 
2.33.0
[Backport] fix CVE-2024-1975 CVE-2024-1737 CVE:CVE-2024-1975,CVE-2024-1737 Reference: https://downloads.isc.org/isc/bind9/9.18.28/patches/0003-CVE-2024-1975.patch https://gitlab.isc.org/isc-projects/bind9/-/commit/8ef414a7f38a04cfc11df44adaedaf3126fa3878 https://gitlab.isc.org/isc-projects/bind9/-/commit/5360c90612abf51deb4a80b30e1da84fd61212a5 https://gitlab.isc.org/isc-projects/bind9/-/commit/5360c90612abf51deb4a80b30e1da84fd61212a5 https://gitlab.isc.org/isc-projects/bind9/-/commit/b27c6bcce894786a8e082eafd59eccbf6f2731cb https://gitlab.isc.org/isc-projects/bind9/-/commit/57cd34441a1b4ecc9874a4a106c2c95b8d7a3120 Conflict:yes Type: CVE (cherry picked from commit 0fedc4d5ad2af61f78c06695bd1265880f2925f2) 2024-11-11 19:28:06 +08:00			`From b27c6bcce894786a8e082eafd59eccbf6f2731cb Mon Sep 17 00:00:00 2001`
			`From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>`
			`Date: Mon, 17 Jun 2024 11:40:40 +0200`
			`Subject: [PATCH] Expand the list of the priority types and move it to db_p.h`

			`Add HTTPS, SVCB, SRV, PTR, NAPTR, DNSKEY and TXT records to the list of`
			`the priority types that are put at the beginning of the slabheader list`
			`for faster access and to avoid eviction when there are more types than`
			`the max-types-per-name limit.`

			`Conflict:NA`
			`Reference:https://gitlab.isc.org/isc-projects/bind9/-/commit/b27c6bcce894786a8e082eafd59eccbf6f2731cb`

			`---`
			`bind/bind-9.11.36/lib/dns/rbtdb.c \| 14 ++++++++++++++`
			`1 file changed, 14 insertions(+)`

			`diff --git a/bind/bind-9.11.36/lib/dns/rbtdb.c b/bind/bind-9.11.36/lib/dns/rbtdb.c`
			`index 0cfef36..0aed13c 100644`
			`--- a/bind/bind-9.11.36/lib/dns/rbtdb.c`
			`+++ b/bind/bind-9.11.36/lib/dns/rbtdb.c`
			`@@ -1171,6 +1171,8 @@ prio_type(rbtdb_rdatatype_t type) {`
			`case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_soa):`
			`case dns_rdatatype_a:`
			`case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_a):`
			`+ case dns_rdatatype_mx:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_mx):`
			`case dns_rdatatype_aaaa:`
			`case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_aaaa):`
			`case dns_rdatatype_nsec:`
			`@@ -1183,6 +1185,18 @@ prio_type(rbtdb_rdatatype_t type) {`
			`case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_ds):`
			`case dns_rdatatype_cname:`
			`case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_cname):`
			`+ case dns_rdatatype_dname:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_dname):`
			`+ case dns_rdatatype_dnskey:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_dnskey):`
			`+ case dns_rdatatype_srv:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_srv):`
			`+ case dns_rdatatype_txt:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_txt):`
			`+ case dns_rdatatype_ptr:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_ptr):`
			`+ case dns_rdatatype_naptr:`
			`+ case RBTDB_RDATATYPE_VALUE(dns_rdatatype_rrsig, dns_rdatatype_naptr):`
			`return (true);`
			`}`
			`return (false);`
			`--`
			`2.33.0`