bind: fix CVE-2020-8625

BIND Operational Notification: Zone journal (.jnl) file incompatibility Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch] CVE: CVE-2020-8625 (From OE-Core rev: dcce323a1b651a875da8e51f02f015de442d7d49) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Minjae Kim <flowergom@gmail.com> 2021-03-02 07:50:12 +0900
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-03-10 00:22:50 +0000
commit: 41057791a7af219de7aab9c99effa2283e2ba1c0 (patch)
tree: 52f5bac5724aca1e90a1548e89864c1a82465440 /meta/recipes-connectivity/bind/bind
parent: e9a38cd0d870df91bdaeac03a6b570fb2095997d (diff)
download: poky-41057791a7af219de7aab9c99effa2283e2ba1c0.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
new file mode 100644
index 0000000000..9078f2448e
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
@@ -0,0 +1,17 @@
+Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
+CVE: CVE-2020-8625
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
+index e61d1c600f2..753dc8049fa 100644
+--- a/lib/dns/spnego.c
+++ b/lib/dns/spnego.c
+@@ -848,7 +848,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
+                return (ASN1_OVERRUN);
+        }
+ 
+-       data->components = malloc(len * sizeof(*data->components));
+       data->components = malloc((len + 1) * sizeof(*data->components));
+        if (data->components == NULL) {
+                return (ENOMEM);
+        }
author	Minjae Kim <flowergom@gmail.com>	2021-03-02 07:50:12 +0900
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-03-10 00:22:50 +0000
commit	41057791a7af219de7aab9c99effa2283e2ba1c0 (patch)
tree	52f5bac5724aca1e90a1548e89864c1a82465440 /meta/recipes-connectivity/bind/bind
parent	e9a38cd0d870df91bdaeac03a6b570fb2095997d (diff)
download	poky-41057791a7af219de7aab9c99effa2283e2ba1c0.tar.gz

diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch new file mode 100644 index 0000000000..9078f2448e --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
@@ -0,0 +1,17 @@
	1	Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
	2	CVE: CVE-2020-8625
	3	Signed-off-by: Minjae Kim <flowergom@gmail.com>
	4
	5	diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
	6	index e61d1c600f2..753dc8049fa 100644
	7	--- a/lib/dns/spnego.c
	8	+++ b/lib/dns/spnego.c
	9	@@ -848,7 +848,7 @@ der_get_oid(const unsigned char p, size_t len, oid data, size_t *size) {
	10	return (ASN1_OVERRUN);
	11	}
	12
	13	- data->components = malloc(len * sizeof(*data->components));
	14	+ data->components = malloc((len + 1) * sizeof(*data->components));
	15	if (data->components == NULL) {
	16	return (ENOMEM);
	17	}