bind: 9.10.3-P3 -> 9.10.5-P3

Upgrade bind from 9.10.3-P3 to 9.10.5-P3 * Update md5sum of LIC_FILES_CHKSUM that it update year in file COPYRIGHT * Remvoe mips1-not-support-opcode.diff which has been merged * Remove CVE patches that there are backported from upstream * Use python3 for build and make sure install .py files to right directory (From OE-Core rev: 9ee6a0a6599d081767b63382a576e67aed12cf4d) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Kai Kang <kai.kang@windriver.com> 2017-07-12 09:25:05 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-07-17 14:01:39 +0100
commit: 39f74e11fda240c39135c5f12ed24cc8f0364c72 (patch)
tree: 8cc55d435d41368d4e1169dd7f868689039be6cf /meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
parent: e6c05f57a5ee2eb74f69b8e9367cfd9b36f023a8 (diff)
download: poky-39f74e11fda240c39135c5f12ed24cc8f0364c72.tar.gz
1 files changed, 0 insertions, 79 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
deleted file mode 100644
index ae5cc48d9c..0000000000
--- a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001
-From: Mukund Sivaraman <muks@isc.org>
-Date: Mon, 22 Feb 2016 12:22:43 +0530
-Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling
- (CVE-2016-1286) (#41753)
-(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673)
-CVE: CVE-2016-1286
-Upstream-Status: Backport
-[Removed doc/arm/notes.xml changes from upstream patch.]
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
-diff -ruN a/CHANGES b/CHANGES
--- a/CHANGES   2016-04-13 07:28:44.940873629 +0200
-+++ b/CHANGES   2016-04-13 07:38:38.923167851 +0200
-@@ -1,3 +1,7 @@
-+4319.  [security]      Fix resolver assertion failure due to improper
-+                       DNAME handling when parsing fetch reply messages.
-+                       (CVE-2016-1286) [RT #41753]
-+
- 4318.  [security]      Malformed control messages can trigger assertions
-                        in named and rndc. (CVE-2016-1285) [RT #41666]
- 
-diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c
--- a/lib/dns/resolver.c        2016-04-13 07:28:43.088953790 +0200
-+++ b/lib/dns/resolver.c        2016-04-13 07:38:20.411968925 +0200
-@@ -6967,21 +6967,26 @@
-                                isc_boolean_t found_dname = ISC_FALSE;
-                                dns_name_t *dname_name;
- 
-+                               /*
-+                                * Only pass DNAME or RRSIG(DNAME).
-+                                */
-+                               if (rdataset->type != dns_rdatatype_dname &&
-+                                   (rdataset->type != dns_rdatatype_rrsig ||
-+                                    rdataset->covers != dns_rdatatype_dname))
-+                                       continue;
-+
-+                               /*
-+                                * If we're not chaining, then the DNAME and
-+                                * its signature should not be external.
-+                                */
-+                               if (!chaining && external) {
-+                                       log_formerr(fctx, "external DNAME");
-+                                       return (DNS_R_FORMERR);
-+                               }
-+
-                                found = ISC_FALSE;
-                                aflag = 0;
-                                if (rdataset->type == dns_rdatatype_dname) {
-                                       /*
-                                        * We're looking for something else,
-                                        * but we found a DNAME.
-                                        *
-                                        * If we're not chaining, then the
-                                        * DNAME should not be external.
-                                        */
-                                       if (!chaining && external) {
-                                               log_formerr(fctx,
-                                                           "external DNAME");
-                                               return (DNS_R_FORMERR);
-                                       }
-                                        found = ISC_TRUE;
-                                        want_chaining = ISC_TRUE;
-                                        POST(want_chaining);
-@@ -7010,9 +7015,7 @@
-                                                        &fctx->domain)) {
-                                                return (DNS_R_SERVFAIL);
-                                        }
-                               } else if (rdataset->type == dns_rdatatype_rrsig
-                                          && rdataset->covers ==
-                                          dns_rdatatype_dname) {
-+                               } else {
-                                        /*
-                                         * We've found a signature that
-                                         * covers the DNAME.
author	Kai Kang <kai.kang@windriver.com>	2017-07-12 09:25:05 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-07-17 14:01:39 +0100
commit	39f74e11fda240c39135c5f12ed24cc8f0364c72 (patch)
tree	8cc55d435d41368d4e1169dd7f868689039be6cf /meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
parent	e6c05f57a5ee2eb74f69b8e9367cfd9b36f023a8 (diff)
download	poky-39f74e11fda240c39135c5f12ed24cc8f0364c72.tar.gz

diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch deleted file mode 100644 index ae5cc48d9c..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch +++ /dev/null
@@ -1,79 +0,0 @@
1	From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001
2	From: Mukund Sivaraman <muks@isc.org>
3	Date: Mon, 22 Feb 2016 12:22:43 +0530
4	Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling
5	(CVE-2016-1286) (#41753)
6
7	(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673)
8
9	CVE: CVE-2016-1286
10	Upstream-Status: Backport
11
12	[Removed doc/arm/notes.xml changes from upstream patch.]
13
14	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
15	---
16	diff -ruN a/CHANGES b/CHANGES
17	--- a/CHANGES 2016-04-13 07:28:44.940873629 +0200
18	+++ b/CHANGES 2016-04-13 07:38:38.923167851 +0200
19	@@ -1,3 +1,7 @@
20	+4319. [security] Fix resolver assertion failure due to improper
21	+ DNAME handling when parsing fetch reply messages.
22	+ (CVE-2016-1286) [RT #41753]
23	+
24	4318. [security] Malformed control messages can trigger assertions
25	in named and rndc. (CVE-2016-1285) [RT #41666]
26
27	diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c
28	--- a/lib/dns/resolver.c 2016-04-13 07:28:43.088953790 +0200
29	+++ b/lib/dns/resolver.c 2016-04-13 07:38:20.411968925 +0200
30	@@ -6967,21 +6967,26 @@
31	isc_boolean_t found_dname = ISC_FALSE;
32	dns_name_t *dname_name;
33
34	+ /*
35	+ * Only pass DNAME or RRSIG(DNAME).
36	+ */
37	+ if (rdataset->type != dns_rdatatype_dname &&
38	+ (rdataset->type != dns_rdatatype_rrsig \|\|
39	+ rdataset->covers != dns_rdatatype_dname))
40	+ continue;
41	+
42	+ /*
43	+ * If we're not chaining, then the DNAME and
44	+ * its signature should not be external.
45	+ */
46	+ if (!chaining && external) {
47	+ log_formerr(fctx, "external DNAME");
48	+ return (DNS_R_FORMERR);
49	+ }
50	+
51	found = ISC_FALSE;
52	aflag = 0;
53	if (rdataset->type == dns_rdatatype_dname) {
54	- /*
55	- * We're looking for something else,
56	- * but we found a DNAME.
57	- *
58	- * If we're not chaining, then the
59	- * DNAME should not be external.
60	- */
61	- if (!chaining && external) {
62	- log_formerr(fctx,
63	- "external DNAME");
64	- return (DNS_R_FORMERR);
65	- }
66	found = ISC_TRUE;
67	want_chaining = ISC_TRUE;
68	POST(want_chaining);
69	@@ -7010,9 +7015,7 @@
70	&fctx->domain)) {
71	return (DNS_R_SERVFAIL);
72	}
73	- } else if (rdataset->type == dns_rdatatype_rrsig
74	- && rdataset->covers ==
75	- dns_rdatatype_dname) {
76	+ } else {
77	/*
78	* We've found a signature that
79	* covers the DNAME.