Fix an off by one which can result in a assertion failure in BIND

related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.

Security:	FreeBSD-SA-11:02.bind
Security:	CVE-2011-1910
Security:	https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from:	ISC
Approved by:	so (simon)

3 files changed, 6 insertions, 2 deletions

diff --git a/UPDATING b/UPDATING
index a92fedb06e7e..6855f89153f9 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,10 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running
 portupgrade.
 
+20110528:	p2	FreeBSD-SA-11:02.bind
+	Fix BIND remote DoS with large RRSIG RRsets and negative
+	caching.
+
 20110420:	p1	FreeBSD-SA-11:01.mountd
 	Fix CIDR parsing bug in mountd ACLs.
 
diff --git a/contrib/bind9/lib/dns/ncache.c b/contrib/bind9/lib/dns/ncache.c
index 5ee79bfc9ffc..dc6faf69f08e 100644
--- a/contrib/bind9/lib/dns/ncache.c
+++ b/contrib/bind9/lib/dns/ncache.c
@@ -175,7 +175,7 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node,
 					 */
 					isc_buffer_availableregion(&buffer,
 								   &r);
-					if (r.length < 2)
+					if (r.length < 3)
 						return (ISC_R_NOSPACE);
 					isc_buffer_putuint16(&buffer,
 							     rdataset->type);
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 0a81cea9d58f..59b31a50b3dd 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="7.4"
-BRANCH="RELEASE-p1"
+BRANCH="RELEASE-p2"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi