|
[-]
[+]
|
Changed |
pdns.changes
|
|
|
|
[-]
[+]
|
Changed |
pdns.spec
^
|
|
|
|
[-]
[+]
|
Added |
CVE-2017-15091-3.4.11.patch
^
|
| @@ -0,0 +1,30 @@
+diff -ru pdns-3.4.11.orig/pdns/ws-auth.cc pdns-3.4.11/pdns/ws-auth.cc
+--- pdns-3.4.11.orig/pdns/ws-auth.cc 2017-01-13 09:13:16.000000000 +0100
++++ pdns-3.4.11/pdns/ws-auth.cc 2017-11-02 18:03:50.635753956 +0100
+@@ -895,7 +895,7 @@
+ static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) {
+ string zonename = apiZoneIdToName(req->parameters["id"]);
+
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ UeberBackend B;
+@@ -914,7 +914,7 @@
+ static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) {
+ string zonename = apiZoneIdToName(req->parameters["id"]);
+
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ UeberBackend B;
+@@ -1195,7 +1195,7 @@
+ }
+
+ void apiServerFlushCache(HttpRequest* req, HttpResponse* resp) {
+- if(req->method != "PUT")
++ if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
+ throw HttpMethodNotAllowedException();
+
+ extern PacketCache PC;
|
