summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2016-04-07 10:24:20 (GMT)
committerSona Sarmadi <sona.sarmadi@enea.com>2016-04-08 10:32:27 (GMT)
commit4ddc912615a690b7f612517ac5a5b345c9f89f8e (patch)
tree9059fefff6310ee2215e4e50881190f7f9f7c365
parenta64d5f593079ac42c7c378faf7c090fae609e15c (diff)
downloadpoky-4ddc912615a690b7f612517ac5a5b345c9f89f8e.tar.gz
bind: CVE-2015-8461
Fixes a race condition when handling socket errors can lead to an assertion failure in resolver.c Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461 Patch is backported from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/patch /?id=12cdd6d2b3a6d351ea09799be38e6ddd4c041c17 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
-rw-r--r--meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch45
-rw-r--r--meta/recipes-connectivity/bind/bind_9.9.5.bb3
2 files changed, 47 insertions, 1 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
new file mode 100644
index 0000000..32eeeb1
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
@@ -0,0 +1,45 @@
1From adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d Mon Sep 17 00:00:00 2001
2From: Mark Andrews <marka@isc.org>
3Date: Thu, 25 Jun 2015 18:36:27 +1000
4Subject: [PATCH] 4146. [bug] Address reference leak that could
5 prevent a clean shutdown. [RT #37125]
6
7Upstream-Status: Backport
8
9https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d
10
11CVE: CVE-2015-8461
12Signed-off-by: Armin Kuster <akuster@mvista.com>
13---
14 CHANGES | 3 +++
15 lib/dns/resolver.c | 5 +++++
16 2 files changed, 8 insertions(+)
17
18Index: bind-9.9.5/lib/dns/resolver.c
19===================================================================
20--- bind-9.9.5.orig/lib/dns/resolver.c
21+++ bind-9.9.5/lib/dns/resolver.c
22@@ -1570,6 +1570,11 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
23 if (query->dispatch != NULL)
24 dns_dispatch_detach(&query->dispatch);
25
26+ LOCK(&res->buckets[fctx->bucketnum].lock);
27+ INSIST(fctx->references > 1);
28+ fctx->references--;
29+ UNLOCK(&res->buckets[fctx->bucketnum].lock);
30+
31 cleanup_query:
32 if (query->connects == 0) {
33 query->magic = 0;
34Index: bind-9.9.5/CHANGES
35===================================================================
36--- bind-9.9.5.orig/CHANGES
37+++ bind-9.9.5/CHANGES
38@@ -1,4 +1,7 @@
39 --- 9.9.6-P2 released ---
40+4146. [bug] Address reference leak that could prevent a clean
41+ shutdown. [RT #37125]
42+
43
44 4053. [security] Revoking a managed trust anchor and supplying
45 an untrusted replacement could cause named
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index 53954c4..68f5367 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -20,7 +20,8 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
20 file://CVE-2015-5722.patch \ 20 file://CVE-2015-5722.patch \
21 file://CVE-2015-8000.patch \ 21 file://CVE-2015-8000.patch \
22 file://CVE-2015-8704.patch \ 22 file://CVE-2015-8704.patch \
23 " 23 file://CVE-2015-8461.patch \
24 "
24 25
25SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e" 26SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"
26SRC_URI[sha256sum] = "d4b64c1dde442145a316679acff2df4008aa117ae52dfa3a6bc69efecc7840d1" 27SRC_URI[sha256sum] = "d4b64c1dde442145a316679acff2df4008aa117ae52dfa3a6bc69efecc7840d1"