diff options
author | Derek Straka <derek@asterius.io> | 2016-01-25 14:15:28 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-30 12:13:09 +0000 |
commit | 049b7db30c51c25006f914cdb502982d733e0bb1 (patch) | |
tree | 6bbb50cf69ebcdbcf2185a2594d5c36ab0fa9117 /meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | |
parent | d632a923dcd4646de827d1d2725d6699730f7feb (diff) | |
download | poky-049b7db30c51c25006f914cdb502982d733e0bb1.tar.gz |
bind: CVE-2015-8704 and CVE-2015-8705
CVE-2015-8704:
Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record
CVE-2015-8705:
When debug logging is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option
[YOCTO 8966]
References:
https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
(From OE-Core rev: 78ceabeb2df55194f16324d21ba97e81121f996b)
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind_9.10.2-P4.bb')
-rw-r--r-- | meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb b/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb index 1e1e7262fe..c9a7acd65d 100644 --- a/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb +++ b/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | |||
@@ -21,6 +21,8 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ | |||
21 | file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ | 21 | file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ |
22 | file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \ | 22 | file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \ |
23 | file://0001-lib-dns-gen.c-fix-too-long-error.patch \ | 23 | file://0001-lib-dns-gen.c-fix-too-long-error.patch \ |
24 | file://CVE-2015-8704.patch \ | ||
25 | file://CVE-2015-8705.patch \ | ||
24 | " | 26 | " |
25 | 27 | ||
26 | SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7" | 28 | SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7" |