diff options
Diffstat (limited to 'meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2012-3817.patch')
-rw-r--r-- | meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2012-3817.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2012-3817.patch b/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2012-3817.patch new file mode 100644 index 0000000000..1e159bd2f8 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2012-3817.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | bind: fix for CVE-2012-3817 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; | ||
6 | 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation | ||
7 | is enabled, does not properly initialize the failing-query cache, which allows | ||
8 | remote attackers to cause a denial of service (assertion failure and daemon exit) | ||
9 | by sending many queries. | ||
10 | |||
11 | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3817 | ||
12 | |||
13 | This patch is back-ported from bind-9.3.6-20.P1.el5_8.2.src.rpm package. | ||
14 | |||
15 | Signed-off-by: Ming Liu <ming.liu@windriver.com> | ||
16 | --- | ||
17 | resolver.c | 5 +++-- | ||
18 | 1 file changed, 3 insertions(+), 2 deletions(-) | ||
19 | |||
20 | --- a/lib/dns/resolver.c | ||
21 | +++ b/lib/dns/resolver.c | ||
22 | @@ -8318,6 +8318,7 @@ dns_resolver_addbadcache(dns_resolver_t | ||
23 | goto cleanup; | ||
24 | bad->type = type; | ||
25 | bad->hashval = hashval; | ||
26 | + bad->expire = *expire; | ||
27 | isc_buffer_init(&buffer, bad + 1, name->length); | ||
28 | dns_name_init(&bad->name, NULL); | ||
29 | dns_name_copy(name, &bad->name, &buffer); | ||
30 | @@ -8329,8 +8330,8 @@ dns_resolver_addbadcache(dns_resolver_t | ||
31 | if (resolver->badcount < resolver->badhash * 2 && | ||
32 | resolver->badhash > DNS_BADCACHE_SIZE) | ||
33 | resizehash(resolver, &now, ISC_FALSE); | ||
34 | - } | ||
35 | - bad->expire = *expire; | ||
36 | + } else | ||
37 | + bad->expire = *expire; | ||
38 | cleanup: | ||
39 | UNLOCK(&resolver->lock); | ||
40 | } | ||