2 files changed, 31 insertions, 0 deletions
diff --git a/recipes-connectivity/bind/bind/CVE-2017-3135.patch b/recipes-connectivity/bind/bind/CVE-2017-3135.patch
new file mode 100644
index 0000000..8cb2340
--- /dev/null
+++ b/recipes-connectivity/bind/bind/CVE-2017-3135.patch
@@ -0,0 +1,30 @@
+From 6106ed6841b253c78c6120be24c8722d6310a9b9 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Tue, 31 Jan 2017 11:20:03 +1100
+Subject: [PATCH] add a REQUIRE to catch the NULL pointer dereference that
+ triggered CVE-2017-3135
+CVE: CVE-2017-3135
+Upstream-Status: Backport [backport from remotes/origin/v9_10]
+(cherry picked from commit 1d8995d226d8bca96b8ba286316018be4b7835f2)
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/dns/rdataset.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c
+index 1870394..79bcecb 100644
+--- a/lib/dns/rdataset.c
+++ b/lib/dns/rdataset.c
+@@ -338,6 +338,7 @@ towiresorted(dns_rdataset_t *rdataset, const dns_name_t *owner_name,
+         */
+ 
+        REQUIRE(DNS_RDATASET_VALID(rdataset));
+       REQUIRE(rdataset->methods != NULL);
+        REQUIRE(countp != NULL);
+        REQUIRE((order == NULL) == (order_arg == NULL));
+        REQUIRE(cctx != NULL && cctx->mctx != NULL);
+-- 
+1.9.1
diff --git a/recipes-connectivity/bind/bind_%.bbappend b/recipes-connectivity/bind/bind_%.bbappend
index 2e8ba00..5730d2f 100644
--- a/recipes-connectivity/bind/bind_%.bbappend
+++ b/recipes-connectivity/bind/bind_%.bbappend
@@ -2,4 +2,5 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
 SRC_URI += "file://CVE-2016-9444.patch \
            file://0001-fix-back-port-issue.patch \
+            file://CVE-2017-3135.patch \
           "

diff --git a/recipes-connectivity/bind/bind/CVE-2017-3135.patch b/recipes-connectivity/bind/bind/CVE-2017-3135.patch new file mode 100644 index 0000000..8cb2340 --- /dev/null +++ b/recipes-connectivity/bind/bind/CVE-2017-3135.patch
@@ -0,0 +1,30 @@
		1	From 6106ed6841b253c78c6120be24c8722d6310a9b9 Mon Sep 17 00:00:00 2001
		2	From: Mark Andrews <marka@isc.org>
		3	Date: Tue, 31 Jan 2017 11:20:03 +1100
		4	Subject: [PATCH] add a REQUIRE to catch the NULL pointer dereference that
		5	triggered CVE-2017-3135
		6
		7	CVE: CVE-2017-3135
		8	Upstream-Status: Backport [backport from remotes/origin/v9_10]
		9
		10	(cherry picked from commit 1d8995d226d8bca96b8ba286316018be4b7835f2)
		11	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
		12	---
		13	lib/dns/rdataset.c \| 1 +
		14	1 file changed, 1 insertion(+)
		15
		16	diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c
		17	index 1870394..79bcecb 100644
		18	--- a/lib/dns/rdataset.c
		19	+++ b/lib/dns/rdataset.c
		20	@@ -338,6 +338,7 @@ towiresorted(dns_rdataset_t rdataset, const dns_name_t owner_name,
		21	*/
		22
		23	REQUIRE(DNS_RDATASET_VALID(rdataset));
		24	+ REQUIRE(rdataset->methods != NULL);
		25	REQUIRE(countp != NULL);
		26	REQUIRE((order == NULL) == (order_arg == NULL));
		27	REQUIRE(cctx != NULL && cctx->mctx != NULL);
		28	--
		29	1.9.1
		30


diff --git a/recipes-connectivity/bind/bind_%.bbappend b/recipes-connectivity/bind/bind_%.bbappend index 2e8ba00..5730d2f 100644 --- a/recipes-connectivity/bind/bind_%.bbappend +++ b/recipes-connectivity/bind/bind_%.bbappend
@@ -2,4 +2,5 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
2		2
3	SRC_URI += "file://CVE-2016-9444.patch \	3	SRC_URI += "file://CVE-2016-9444.patch \
4	file://0001-fix-back-port-issue.patch \	4	file://0001-fix-back-port-issue.patch \
		5	file://CVE-2017-3135.patch \
5	"	6	"