From 17041914b25e30297474b5932a6a3fb1632f958f Mon Sep 17 00:00:00 2001
From: PeilinHe
Date: Tue, 10 Sep 2024 06:25:39 +0000
Subject: [PATCH] fix CVE-2024-4076
---
0001-fix-CVE-2024-4076.patch | 55 ++++++++++++++++++++++++++++++++++++
bind.spec | 6 +++-
2 files changed, 60 insertions(+), 1 deletion(-)
create mode 100644 0001-fix-CVE-2024-4076.patch
diff --git a/0001-fix-CVE-2024-4076.patch b/0001-fix-CVE-2024-4076.patch
new file mode 100644
index 0000000..ec90443
--- /dev/null
+++ b/0001-fix-CVE-2024-4076.patch
@@ -0,0 +1,55 @@
+From 719070491c15fb9879b384d0a725fb0a76686894 Mon Sep 17 00:00:00 2001
+From: PeilinHe
+Date: Wed, 4 Sep 2024 09:43:38 +0000
+Subject: [PATCH] fix CVE-2024-4076
+
+---
+ CHANGES | 3 +++
+ doc/notes/notes-9.18.27.rst | 6 ++++++
+ lib/ns/query.c | 1 +
+ 3 files changed, 10 insertions(+)
+
+diff --git a/CHANGES b/CHANGES
+index 598feff..2149495 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -1,4 +1,7 @@
+ --- 9.18.27 released ---
++6375. [security] qctx-zversion was not being cleared when it should have
++ been leading to an assertion failure if it needed to be
++ reused. (CVE-2024-4076) [GL #4507]
+
+ 6374. [bug] Skip to next RRSIG if signature has expired or is in
+ the future rather than failing immediately. [GL #4586]
+diff --git a/doc/notes/notes-9.18.27.rst b/doc/notes/notes-9.18.27.rst
+index ff8c6cc..137c9b3 100644
+--- a/doc/notes/notes-9.18.27.rst
++++ b/doc/notes/notes-9.18.27.rst
+@@ -12,6 +12,12 @@
+ Notes for BIND 9.18.27
+ ----------------------
+
++Security Fixes
++~~~~~~~~~~~~~~
++- Due to a logic error, lookups that trigger serving stale data and require
++ lookups in local authoritative zone data may result in an assertion failure.
++ This has been fixed. :cve:`2024-4076` :gl:`#4507`
++
+ New Features
+ ~~~~~~~~~~~~
+
+diff --git a/lib/ns/query.c b/lib/ns/query.c
+index 537d332..be4cbb6 100644
+--- a/lib/ns/query.c
++++ b/lib/ns/query.c
+@@ -5325,6 +5325,7 @@ qctx_freedata(query_ctx_t *qctx) {
+ ns_client_releasename(qctx->client, &qctx->zfname);
+ dns_db_detachnode(qctx->zdb, &qctx->znode);
+ dns_db_detach(&qctx->zdb);
++ qctx->zversion = NULL;
+ }
+
+ if (qctx->event != NULL && !qctx->client->nodetach) {
+--
+2.25.1
+
diff --git a/bind.spec b/bind.spec
index 10a39d7..d6f8354 100644
--- a/bind.spec
+++ b/bind.spec
@@ -1,4 +1,4 @@ -%define anolis_release 1 +%define anolis_release 2 %bcond_with SYSTEMTEST %bcond_without GSSTSIG
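Review bot: The new `qctx->zversion = NULL;` in `qctx_freedata()` (the lib/ns/query.c hunk of the embedded patch) carries no comment, so the reason for the reset is recorded only in the CHANGES entry. I would put `/* Clear zversion together with zdb: a stale value trips an assertion when the qctx is reused (CVE-2024-4076). */` above it. The embedded patch also edits CHANGES and doc/notes/notes-9.18.27.rst; those hunks change no code and are the likeliest to stop applying on the next rebase, so the packaged patch could be reduced to the query.c hunk. No regression test accompanies the fix and the spec has `%bcond_with SYSTEMTEST`, which leaves the system tests off by default, so nothing visible here exercises the reuse path at build time. `qctx_freedata`'s body starts and ends outside the hunk.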
@@ -63,6 +63,7 @@ Source48: setup-named-softhsm.sh Source49: named-chroot.files # Common patches +Patch0: 0001-fix-CVE-2024-4076.patch %{?systemd_ordering} Requires: coreutils @@ -868,6 +869,9 @@ fi; %endif %changelog +* Thu Sep 04 2024 Peilin He - 32:9.18.27-2 +- fix CVE-2024-4076 + * Fri Aug 02 2024 Kaiqiang Wang - 32:9.18.27-1 - update to 9.18.27 - fix CVE-2024-1975 -- Gitee
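Review bot: `Patch0: 0001-fix-CVE-2024-4076.patch` only declares the patch, and nothing in this diff touches `%prep`, so whether the fix reaches the built binaries depends on lines outside the hunks. If `%prep` applies patches one by one rather than through `%autosetup` or `%autopatch`, a matching `%patch` line is needed; otherwise the package would ship as 9.18.27-2 with a changelog claiming the CVE fix while still building unpatched source. It is worth confirming from the build log that the patch is applied. In the changelog hunk, `* Thu Sep 04 2024` disagrees with the embedded patch's `Date: Wed, 4 Sep 2024`; rpmbuild warns about a bogus date on a weekday mismatch, so `* Wed Sep 04 2024` would be the consistent line.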