author | Sona Sarmadi <sona.sarmadi@enea.com> | 2015-08-04 12:36:55 +0200 |
---|---|---|
committer | Sona Sarmadi <sona.sarmadi@enea.com> | 2015-08-04 12:36:55 +0200 |
commit | 856bb19cc85a075854f04eb24f280f22144d3d5a (patch) | |
tree | 24ca899d8299c00b155854a42201ee20cb8bb646 /meta | |
parent | 38657774707334618c35772a9acb7492742a28f6 (diff) | |
download | poky-856bb19cc85a075854f04eb24f280f22144d3d5a.tar.gz |
bind9.9.5: CVE-2015-5477
Fixes a flaw in the way BIND handled requests for TKEY
DNS resource records.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
https://kb.isc.org/article/AA-01272
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch | 45 | ||||
-rw-r--r-- | meta/recipes-connectivity/bind/bind_9.9.5.bb | 1 |
2 files changed, 46 insertions, 0 deletions
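--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch
@@ -0,0 +1,45 @@
+From dbb064aa7972ef918d9a235b713108a4846cbb62 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Tue, 14 Jul 2015 14:48:42 +1000
+Subject: [PATCH] 4165. [bug] An failure to reset a value to NULL
+in tkey.c could result in an assertion failure.
+(CVE-2015-5477) [RT #40046]
+
+Upstream-Status: Backport
+[CHANGES file has been edited manually to add CVE-2015-5477 and
+an already applied CVE (CVE-2014-8500)].
+
+Referenc: https://kb.isc.org/article/AA-01272
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/CHANGES b/CHANGES
+--- a/CHANGES 2014-01-27 19:58:24.000000000 +0100
++++ b/CHANGES 2015-07-30 11:03:18.871670769 +0200
+@@ -1,4 +1,15 @@
+--- 9.9.5 released ---
++4165. [security] An failure to reset a value to NULL in tkey.c could
++ result in an assertion failure. (CVE-2015-5477)
++ [RT #40046]
++
++4006. [security] A flaw in delegation handling could be exploited
++ to put named into an infinite loop. This has
++ been addressed by placing limits on the number
++ of levels of recursion named will allow (default 7),
++ and the number of iterative queries that it will
++ send (default 50) before terminating a recursive
++ query (CVE-2014-8500).
+
+--- 9.9.5rc2 released ---
+
+diff -ruN a/lib/dns/tkey.c b/lib/dns/tkey.c
+--- a/lib/dns/tkey.c 2014-01-27 19:58:24.000000000 +0100
++++ b/lib/dns/tkey.c 2015-07-30 10:58:30.647945942 +0200
+@@ -650,6 +650,7 @@
+* Try the answer section, since that's where Win2000
+* puts it.
+*/
++ name = NULL;
+if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
+dns_rdatatype_tkey, 0, &name,
+&tkeyset) != ISC_R_SUCCESS) {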
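Review bot: The CHANGES hunk of this backport (patch lines 16-33) adds an entry for 4006 / CVE-2014-8500 next to the 4165 entry, so a patch named for CVE-2015-5477 also documents a fix the recipe already carries as `bind9_9_5-CVE-2014-8500.patch`, and the file no longer matches upstream commit dbb064aa7972ef918d9a235b713108a4846cbb62. The only functional change is the `name = NULL;` reset before the `dns_message_findname(msg, DNS_SECTION_ANSWER, ...)` call in lib/dns/tkey.c. The CHANGES hunk could therefore be dropped, or cut down to the 4165 entry, without weakening the fix, and later audits of which patch closes which CVE would be simpler. The header tag `Referenc:` is misspelled; `Reference: https://kb.isc.org/article/AA-01272` would be easier to find for anyone searching patch headers. The enclosing function in tkey.c starts and ends outside the hunk, so whether `name` is reused by any other lookup cannot be confirmed from here.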
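--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -14,6 +14,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
 file://mips1-not-support-opcode.diff \
 file://dont-test-on-host.patch \
 file://bind9_9_5-CVE-2014-8500.patch \
+file://bind9_9_5-CVE-2015-5477.patch \
 "
 
 SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"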