File CVE-2017-15090-4.0.6.patch of Package pdns-recursor.7583

diff -ru pdns-recursor-4.0.6.orig/validate-recursor.cc pdns-recursor-4.0.6/validate-recursor.cc
--- pdns-recursor-4.0.6.orig/validate-recursor.cc	2017-07-04 17:43:07.000000000 +0200
+++ pdns-recursor-4.0.6/validate-recursor.cc	2017-11-02 18:29:16.612520450 +0100
@@ -87,6 +87,11 @@
     bool first = true;
     for(const auto& csp : cspmap) {
       for(const auto& sig : csp.second.signatures) {
+
+        if (!csp.first.first.isPartOf(sig->d_signer)) {
+          return increaseDNSSECStateCounter(Bogus);
+        }
+
         vState newState = getKeysFor(sro, sig->d_signer, keys); // XXX check validity here
 
         if (newState == Bogus) // No hope