dhcp: CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 (From OE-Core rev: 2fc84114c6323bf1e3d3598af52dd1523168c9fc) Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Catalin Enache <catalin.enache@windriver.com> 2016-04-18 15:52:16 +0300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-04-18 16:28:22 +0100
commit: 4946ecfb42d71c35c1421061479731a4ea88f762 (patch)
tree: 5c3c1d546213d47381ad37240b2cdbb8fa5c11ef /meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
parent: c219c6d5826b6f1002f5486eceeb1cc8990d7c28 (diff)
download: poky-4946ecfb42d71c35c1421061479731a4ea88f762.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb b/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
index 970617ff92..4e8cd272b8 100644
--- a/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
+++ b/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
@@ -8,6 +8,7 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \
            file://replace-ifconfig-route.patch \
            file://CVE-2015-8605.patch \
            file://0001-site.h-enable-gentle-shutdown.patch \
+            file://CVE-2016-2774.patch \
           "
 SRC_URI[md5sum] = "c5577b09c9017cdd319a11ff6364268e"
author	Catalin Enache <catalin.enache@windriver.com>	2016-04-18 15:52:16 +0300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-04-18 16:28:22 +0100
commit	4946ecfb42d71c35c1421061479731a4ea88f762 (patch)
tree	5c3c1d546213d47381ad37240b2cdbb8fa5c11ef /meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
parent	c219c6d5826b6f1002f5486eceeb1cc8990d7c28 (diff)
download	poky-4946ecfb42d71c35c1421061479731a4ea88f762.tar.gz

diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb b/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb index 970617ff92..4e8cd272b8 100644 --- a/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb +++ b/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
@@ -8,6 +8,7 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \
8	file://replace-ifconfig-route.patch \	8	file://replace-ifconfig-route.patch \
9	file://CVE-2015-8605.patch \	9	file://CVE-2015-8605.patch \
10	file://0001-site.h-enable-gentle-shutdown.patch \	10	file://0001-site.h-enable-gentle-shutdown.patch \
		11	file://CVE-2016-2774.patch \
11	"	12	"
12		13
13	SRC_URI[md5sum] = "c5577b09c9017cdd319a11ff6364268e"	14	SRC_URI[md5sum] = "c5577b09c9017cdd319a11ff6364268e"