summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorMinjae Kim <flowergom@gmail.com>2021-03-02 23:28:15 +0900
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-03-10 00:24:27 +0000
commitf943f43cc1da7e1faeb8520091a0e00c90c1269a (patch)
tree0400611c2f628dd38488d50025c2694828339cc6 /meta
parent1c0cb223c56d781fc71fe50e8e9540ee62cc1830 (diff)
downloadpoky-f943f43cc1da7e1faeb8520091a0e00c90c1269a.tar.gz
bind: fix CVE-2020-8625
BIND Operational Notification: Zone journal (.jnl) file incompatibility. (From OE-Core rev: 294afc40fb6cb847bf50a5839806a4351bb0e8b0) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch29
-rw-r--r--meta/recipes-connectivity/bind/bind_9.16.7.bb1
2 files changed, 30 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
new file mode 100644
index 0000000000..98b8623139
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
@@ -0,0 +1,29 @@
1From 5b671538216af78a0a7ef7464dc52ab2241ea7db Mon Sep 17 00:00:00 2001
2From: Minjae Kim <flowergom@gmail.com>
3Date: Tue, 2 Mar 2021 14:03:49 +0000
4Subject: [PATCH] BIND Operational Notification: Zone journal (.jnl) file
5 incompatibility
6
7Upstream-Status: Backport [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
8CVE: CVE-2020-8625
9Signed-off-by: Minjae Kim <flowergom@gmail.com>
10---
11 lib/dns/spnego.c | 2 +-
12 1 file changed, 1 insertion(+), 1 deletion(-)
13
14diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
15index 671838c..82fd49a 100644
16--- a/lib/dns/spnego.c
17+++ b/lib/dns/spnego.c
18@@ -846,7 +846,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
19 return (ASN1_OVERRUN);
20 }
21
22- data->components = malloc(len * sizeof(*data->components));
23+ data->components = malloc((len + 1) * sizeof(*data->components));
24 if (data->components == NULL) {
25 return (ENOMEM);
26 }
27--
282.17.1
29
diff --git a/meta/recipes-connectivity/bind/bind_9.16.7.bb b/meta/recipes-connectivity/bind/bind_9.16.7.bb
index 5fc2c1d3cd..82c1bb66df 100644
--- a/meta/recipes-connectivity/bind/bind_9.16.7.bb
+++ b/meta/recipes-connectivity/bind/bind_9.16.7.bb
@@ -17,6 +17,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
17 file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ 17 file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
18 file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ 18 file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
19 file://0001-avoid-start-failure-with-bind-user.patch \ 19 file://0001-avoid-start-failure-with-bind-user.patch \
20 file://CVE-2020-8625.patch \
20 " 21 "
21 22
22SRC_URI[sha256sum] = "9f7d1812ebbd26a699f62b6fa8522d5dec57e4bf43af0042a0d60d39ed8314d1" 23SRC_URI[sha256sum] = "9f7d1812ebbd26a699f62b6fa8522d5dec57e4bf43af0042a0d60d39ed8314d1"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-04 20:17:50 +0000