summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--recipes-connectivity/bind/bind/CVE-2017-3135.patch30
-rw-r--r--recipes-connectivity/bind/bind_%.bbappend1
2 files changed, 31 insertions, 0 deletions
diff --git a/recipes-connectivity/bind/bind/CVE-2017-3135.patch b/recipes-connectivity/bind/bind/CVE-2017-3135.patch
new file mode 100644
index 0000000..8cb2340
--- /dev/null
+++ b/recipes-connectivity/bind/bind/CVE-2017-3135.patch
@@ -0,0 +1,30 @@
1From 6106ed6841b253c78c6120be24c8722d6310a9b9 Mon Sep 17 00:00:00 2001
2From: Mark Andrews <marka@isc.org>
3Date: Tue, 31 Jan 2017 11:20:03 +1100
4Subject: [PATCH] add a REQUIRE to catch the NULL pointer dereference that
5 triggered CVE-2017-3135
6
7CVE: CVE-2017-3135
8Upstream-Status: Backport [backport from remotes/origin/v9_10]
9
10(cherry picked from commit 1d8995d226d8bca96b8ba286316018be4b7835f2)
11Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
12---
13 lib/dns/rdataset.c | 1 +
14 1 file changed, 1 insertion(+)
15
16diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c
17index 1870394..79bcecb 100644
18--- a/lib/dns/rdataset.c
19+++ b/lib/dns/rdataset.c
20@@ -338,6 +338,7 @@ towiresorted(dns_rdataset_t *rdataset, const dns_name_t *owner_name,
21 */
22
23 REQUIRE(DNS_RDATASET_VALID(rdataset));
24+ REQUIRE(rdataset->methods != NULL);
25 REQUIRE(countp != NULL);
26 REQUIRE((order == NULL) == (order_arg == NULL));
27 REQUIRE(cctx != NULL && cctx->mctx != NULL);
28--
291.9.1
30
diff --git a/recipes-connectivity/bind/bind_%.bbappend b/recipes-connectivity/bind/bind_%.bbappend
index 2e8ba00..5730d2f 100644
--- a/recipes-connectivity/bind/bind_%.bbappend
+++ b/recipes-connectivity/bind/bind_%.bbappend
@@ -2,4 +2,5 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
2 2
3SRC_URI += "file://CVE-2016-9444.patch \ 3SRC_URI += "file://CVE-2016-9444.patch \
4 file://0001-fix-back-port-issue.patch \ 4 file://0001-fix-back-port-issue.patch \
5 file://CVE-2017-3135.patch \
5 " 6 "