From 008465586b75180c7c0ae705fd5c023a0141dfac Mon Sep 17 00:00:00 2001
From: renmingshuai <renmingshuai@huawei.com>
Date: Wed, 28 Sep 2022 17:20:42 +0800
Subject: [PATCH] fix CVE

Signed-off-by: renmingshuai <renmingshuai@huawei.com>
---
 CVE-2022-38177.patch | 25 +++++++++++++++++++++++++
 CVE-2022-38178.patch | 31 +++++++++++++++++++++++++++++++
 bind.spec            |  6 +++++-
 3 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2022-38177.patch
 create mode 100644 CVE-2022-38178.patch

diff --git a/CVE-2022-38177.patch b/CVE-2022-38177.patch
new file mode 100644
index 0000000..dc8cb41
--- /dev/null
+++ b/CVE-2022-38177.patch
@@ -0,0 +1,25 @@
+From 5b2282afff760b1ed3471f6666bdfe8e1d34e590 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Thu, 11 Aug 2022 15:15:34 +1000
+Subject: [PATCH] Free eckey on siglen mismatch
+
+---
+ lib/dns/opensslecdsa_link.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
+index 1f16ca70738..5ee4342b387 100644
+--- a/lib/dns/opensslecdsa_link.c
++++ b/lib/dns/opensslecdsa_link.c
+@@ -230,7 +230,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
+ 	}
+ 
+ 	if (sig->length != siglen) {
+-		return (DST_R_VERIFYFAILURE);
++		DST_RET(DST_R_VERIFYFAILURE);
+ 	}
+ 
+ 	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &dgstlen)) {
+-- 
+GitLab
+
diff --git a/CVE-2022-38178.patch b/CVE-2022-38178.patch
new file mode 100644
index 0000000..a0ab793
--- /dev/null
+++ b/CVE-2022-38178.patch
@@ -0,0 +1,31 @@
+From 1af23378ebb11da2eb0f412e4563d6c4165fbd3d Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Thu, 11 Aug 2022 15:28:13 +1000
+Subject: [PATCH] Free ctx on invalid siglen
+
+(cherry picked from commit 6ddb480a84836641a0711768a94122972c166825)
+---
+ lib/dns/openssleddsa_link.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c
+index b5ab3b3d8a2..12fdf650eb6 100644
+--- a/lib/dns/openssleddsa_link.c
++++ b/lib/dns/openssleddsa_link.c
+@@ -236,11 +236,11 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
+ 	}
+ #endif /* if HAVE_OPENSSL_ED448 */
+ 	if (siglen == 0) {
+-		return (ISC_R_NOTIMPLEMENTED);
++		DST_RET(ISC_R_NOTIMPLEMENTED);
+ 	}
+ 
+ 	if (sig->length != siglen) {
+-		return (DST_R_VERIFYFAILURE);
++		DST_RET(DST_R_VERIFYFAILURE);
+ 	}
+ 
+ 	isc_buffer_usedregion(buf, &tbsreg);
+-- 
+GitLab
+
diff --git a/bind.spec b/bind.spec
index 071563d..2248e3d 100644
--- a/bind.spec
+++ b/bind.spec
@@ -30,7 +30,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  MPLv2.0
 Version:  9.16.23
-Release:  9
+Release:  10
 Epoch:    32
 Url:      https://www.isc.org/downloads/bind/
 #
@@ -81,6 +81,8 @@ Patch164:bind-9.11-rh1666814.patch
 
 Patch6000: CVE-2022-0396.patch
 Patch6001: CVE-2021-25220.patch
+Patch6002: CVE-2022-38177.patch
+Patch6003: CVE-2022-38178.patch
 Patch9000: bugfix-limit-numbers-of-test-threads.patch
 
 %{?systemd_ordering}
@@ -379,6 +381,8 @@ in HTML and PDF format.
 
 %patch6000 -p1
 %patch6001 -p1
+%patch6002 -p1
+%patch6003 -p1
 %patch9000 -p1
 
 %if %{with PKCS11}
-- 
Gitee