summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch')
-rw-r--r--meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch48
1 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch
new file mode 100644
index 0000000000..d3b89884b5
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch
@@ -0,0 +1,48 @@
1commit ea75187b4a656477f1f50ecc407e3352614a06f8
2Author: Mark Andrews <marka@isc.org>
3Date: Thu Dec 31 13:43:21 2015 +1100
4
5 4285. [security] Specific APL data could trigger a INSIST.
6 (CVE-2015-8704) [RT #41396]
7
8 (cherry picked from commit 1b3d21180244529f0099894fe9d29beb3f11efb3)
9
10Fixes: CVE-2015-8704
11Upstream Status: Backport from bind 9.9.8:
12 [ea75187b4a656477f1f50ecc407e3352614a06f8]
13
14Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
15---
16diff -ruN a/CHANGES b/CHANGES
17--- a/CHANGES 2016-01-20 08:25:33.023218819 +0100
18+++ b/CHANGES 2016-01-20 08:38:22.270736131 +0100
19@@ -1,5 +1,8 @@
20 --- 9.9.6-P2 released ---
21
22+4285. [security] Specific APL data could trigger a INSIST.
23+ (CVE-2015-8704) [RT #41396]
24+
25 4053. [security] Revoking a managed trust anchor and supplying
26 an untrusted replacement could cause named
27 to crash with an assertion failure.
28diff -ruN a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c
29--- a/lib/dns/rdata/in_1/apl_42.c 2016-01-20 08:36:01.580676442 +0100
30+++ b/lib/dns/rdata/in_1/apl_42.c 2016-01-20 08:37:18.149443474 +0100
31@@ -116,7 +116,7 @@
32 isc_uint8_t len;
33 isc_boolean_t neg;
34 unsigned char buf[16];
35- char txt[sizeof(" !64000")];
36+ char txt[sizeof(" !64000:")];
37 const char *sep = "";
38 int n;
39
40@@ -140,7 +140,7 @@
41 isc_region_consume(&sr, 1);
42 INSIST(len <= sr.length);
43 n = snprintf(txt, sizeof(txt), "%s%s%u:", sep,
44- neg ? "!": "", afi);
45+ neg ? "!" : "", afi);
46 INSIST(n < (int)sizeof(txt));
47 RETERR(str_totext(txt, target));
48 switch (afi) {