bind: fix for CVE-2014-8500

A denial of service flaw was found in the way BIND followed DNS
delegations. A remote attacker could use a specially crafted zone
containing a large number of referrals which, when looked up and
processed, would cause named to use excessive amounts of memory
or crash.

External References:
===================
https://kb.isc.org/article/AA-01216/74/CVE-2014-8500%3A-A-Defect-in-\
Delegation-Handling-Can-Be-Exploited-to-Crash-BIND.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>

1 files changed, 1 insertions, 0 deletions

diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index 604deb6236..a261d78695 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -13,6 +13,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
            file://make-etc-initd-bind-stop-work.patch \
            file://mips1-not-support-opcode.diff \
            file://dont-test-on-host.patch \
+           file://bind9_9_5-CVE-2014-8500.patch \
            "
 
 SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"