diff options
| author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-04-12 13:25:59 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-05-09 08:11:34 +0100 |
| commit | a8ff4c8f420320c61fbf58195b320b1a27430ada (patch) | |
| tree | 6bc84d83e49970382996a31cd98221700fd30217 /meta/recipes-connectivity/bind/bind_9.9.5.bb | |
| parent | 0c49cef4a6296f7c04f1770027bce1079422d543 (diff) | |
| download | poky-a8ff4c8f420320c61fbf58195b320b1a27430ada.tar.gz | |
bind: CVE-2016-1285 CVE-2016-1286
CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure
CVE-2016-1286 bind: malformed signature records for DNAME records can
trigger assertion failure
[YOCTO #9400]
External References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
References to the Upstream commits and Security Advisories:
CVE-2016-1285: https://kb.isc.org/article/AA-01352
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=31e4657cf246e41d4c5c890315cb6cf89a0db25a
CVE-2016-1286_1: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7
CVE-2016-1286_2: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=ce3cd91caee698cb144e1350c6c78292c6be6339
(From OE-Core rev: e289df4daa4b90fb95ae3602c244cba9d56a8c2f)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind_9.9.5.bb')
| -rw-r--r-- | meta/recipes-connectivity/bind/bind_9.9.5.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb index 7ba0d2be3c..fbcdbbd684 100644 --- a/meta/recipes-connectivity/bind/bind_9.9.5.bb +++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb | |||
| @@ -28,6 +28,10 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ | |||
| 28 | file://CVE-2015-8000.patch \ | 28 | file://CVE-2015-8000.patch \ |
| 29 | file://CVE-2015-8704.patch \ | 29 | file://CVE-2015-8704.patch \ |
| 30 | file://CVE-2015-8461.patch \ | 30 | file://CVE-2015-8461.patch \ |
| 31 | file://CVE-2016-1285.patch \ | ||
| 32 | file://fix-typo-in-CVE-2016-1285.patch \ | ||
| 33 | file://CVE-2016-1286_1.patch \ | ||
| 34 | file://CVE-2016-1286_2.patch \ | ||
| 31 | " | 35 | " |
| 32 | 36 | ||
| 33 | SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e" | 37 | SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e" |