bind: CVE-2016-2088

Duplicate EDNS COOKIE options in a response could trigger an assertion failure: Fix with a backport. bind as built with the oe-core recipe is not at risk: Only servers which are built with DNS cookie support (--enable-sit) are vulnerable to denial of service. Fixes [YOCTO #9438] (From OE-Core rev: da38a9840b32e80464e2938395db5c9167729f7e) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Jussi Kukkonen <jussi.kukkonen@intel.com> 2016-04-15 15:03:17 +0300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-04-18 16:28:22 +0100
commit: 74ab080d3475cfbf4ad0f6e747601c71709f2e44 (patch)
tree: c33acd22aec37ec41be50f18e07c6584aaa7dc6e /meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
parent: d488d78db0b60433b54e0aec45624970309567b6 (diff)
download: poky-74ab080d3475cfbf4ad0f6e747601c71709f2e44.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
index 3ad14b235f..1e3a20f9a3 100644
--- a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
+++ b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
@@ -24,6 +24,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
           file://CVE-2016-1285.patch \
           file://CVE-2016-1286_1.patch \
           file://CVE-2016-1286_2.patch \
+           file://CVE-2016-2088.patch \
           "
 SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a"
author	Jussi Kukkonen <jussi.kukkonen@intel.com>	2016-04-15 15:03:17 +0300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-04-18 16:28:22 +0100
commit	74ab080d3475cfbf4ad0f6e747601c71709f2e44 (patch)
tree	c33acd22aec37ec41be50f18e07c6584aaa7dc6e /meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
parent	d488d78db0b60433b54e0aec45624970309567b6 (diff)
download	poky-74ab080d3475cfbf4ad0f6e747601c71709f2e44.tar.gz

diff --git a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb index 3ad14b235f..1e3a20f9a3 100644 --- a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb +++ b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
@@ -24,6 +24,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
24	file://CVE-2016-1285.patch \	24	file://CVE-2016-1285.patch \
25	file://CVE-2016-1286_1.patch \	25	file://CVE-2016-1286_1.patch \
26	file://CVE-2016-1286_2.patch \	26	file://CVE-2016-1286_2.patch \
		27	file://CVE-2016-2088.patch \
27	"	28	"
28		29
29	SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a"	30	SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a"