summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind
Commit message (Collapse)AuthorAgeFilesLines
* bind: Security fix CVE-2016-2088Armin Kuster2016-09-231-0/+216
| | | | | | | (From OE-Core rev: 91e05c25eb221ff1dc2bde5cfaa0bea88345b1e4) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-05-093-0/+535
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=e7e15d1302b26a96fa0a5307d6f2cb0d8ad4ea63 CVE-2016-1286: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=499952eb459c9a41d2092f1d98899c131f9103b2 (From OE-Core rev: e8bc043f871e507542955ad28de74f67afa9bc36) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8461Armin Kuster2016-02-041-0/+44
| | | | | | | | | CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c\ (From OE-Core rev: 1656eaa722952861ec73362776bd0c4826aec3da) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8000Armin Kuster2016-02-041-0/+278
| | | | | | | | | CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c (From OE-Core rev: a159f9dcf3806f2c3677775d6fb131dab17a5a17) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2015-8704 and CVE-2015-8705Derek Straka2016-01-302-0/+72
| | | | | | | | | | | | | | | | | | | | | CVE-2015-8704: Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record CVE-2015-8705: When debug logging is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option [YOCTO 8966] References: https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705 (From OE-Core rev: 78ceabeb2df55194f16324d21ba97e81121f996b) Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix too long error from genRobert Yang2015-09-231-0/+34
| | | | | | | | | | | gen.c uses 512 as the path length which is a little short when build in deep dir, and cause "too long" error, use PATH_MAX if defined. (From OE-Core rev: 10e017fd3de3ff1ab0c1b32ac7a9610a04f8ff13) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix Upstream-Status statementsRoss Burton2015-09-121-1/+1
| | | | | | | | | | Fix a variety of problems such as typos, bad punctuations, or incorrect Upstream-Status values. (From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix compile failure when building path is longChen Qi2015-09-121-0/+25
| | | | | | | | | | | | | | | | Fix the building path is long, when building bind, we would meet the following error. ".../long/path/to/bind/9.10.2-P3-r0/bind-9.10.2-P3/lib/dns" too long This is because the in gen.c, DIRNAMESIZE is limited to 256. But in OE, the path length limit is more than 400. So we change it to 512. (From OE-Core rev: 2f22eb1ce8083afb929cce432b8dda84682520e8) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: ensure searching for json headers searches sysrootPaul Gortmaker2015-06-111-0/+49
| | | | | | | | | | | | Bind can fail configure by detecting headers w/o libs, or it can fail the host contamination check. More details are within the commit log in the contained patch. (From OE-Core rev: 6fa5671c5cf8e5e88c5ad1e39742d59453e02695) Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update libxml2 detection patchRoss Burton2015-05-092-35/+42
| | | | | | | | | | Refresh the libxml2 detection patch to directly call pkg-config instead of attempting to use xml2-config, which will always return an error in OE. (From OE-Core rev: 76c53feaec1b8c1045aaf2a78a9225a732a37f1f) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade to 9.10.2Roy Li2015-05-096-1089/+3
| | | | | | | | | | | | | | 1. Remove two unneeded CVE patches, 9.10.2 fixed the CVE-2015-1349 also 2. Remove bind-subdirs-run-serially.patch and cross-build-fix.patch, similar fixes are merged into 9.10.2 3. update the dont-test-on-host.patch 4. update the Copyright file checksum, since the date in it has been changed. 5. replace the hardcode lib dir with $base_libdir in bind-add-crosscripts*.patch (From OE-Core rev: 41d53f0139a9cb29679dbcaaab8311a1364c65f4) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove 5 backport patchesRobert Yang2015-05-035-482/+0
| | | | | | | | | | They are backport patches, and verified that the patches are in the source. (From OE-Core rev: 6e4a10ab030c192e2437592538e4713b1ee2032b) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Fix parallel make issueRobert Yang2015-02-191-0/+44
| | | | | | | | | | | | | | | | | | Fixed: unix/os.o: file not recognized: File truncated collect2: error: ld returned 1 exit status This is because os.o was built twice: * The implicity rule (depends on unix/os.o) * The "make all" in unix subdir (depends on unix/os.o) Depend on subdirs which is unix only rather than unix/os.o will fix the problem. (From OE-Core rev: 1af699e1af2552659b90a1fadd8de73d780226ba) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix and enable parallel buildRobert Yang2015-02-151-0/+35
| | | | | | | (From OE-Core rev: af851c7cdeab0ef53f00866da3da1a96b96bd63a) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix typo chown->chmodTing Liu2015-01-292-2/+2
| | | | | | | | (From OE-Core rev: a6ee74222b43d0bb7fe9ef0072ede78f82a5e446) Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Update libxml2 check to make it deterministic.Noor2015-01-081-0/+35
| | | | | | | | | | | | | | * Firstly configure scritp was testing files from bin folder. In our case we don't copy bin folder to sysroot for target recipes. So added extra check to validate .pc file from lib folder via a patch to configure.in file. * Secondly linxml2 dependency was missing. So added PACKAGECONFIG for libxml2. (From OE-Core rev: b61a2acc321489c3427f0afa3059486dc144a13b) Signed-off-by: Noor Ahsan <noor_ahsan@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix for CVE-2014-8500Sona Sarmadi2014-12-311-0/+990
| | | | | | | | | | | | | | | [From upstream commit: 603a0e2637b35a2da820bc807f69bcf09c682dce] [YOCTO #7098] External References: =================== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 (From OE-Core rev: 7225d6e0c82f264057de40c04b31655f2b0e0c96) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix conf.patch to add db.255 configuration fileChen Qi2014-12-251-0/+16
| | | | | | | | | | | Add in conf.patch /etc/bind/db.255 file so that we don't get the following error. zone 255.in-addr.arpa/IN: loading from master file /etc/bind/db.255 failed: file not found (From OE-Core rev: 98caaf4b92bf3350cc74ef66dc9eda35aa7d428a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix to use correct environment file in service fileChen Qi2014-11-041-1/+1
| | | | | | | | | | Use /etc/default/bind9 as the environment file in named.service. (From OE-Core rev: 0ee1fa68a4d749585c43fc706c8da6e849d10857) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: refer ubuntu/redhat to add bind user/groupHongxu Jia2014-08-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | We refer what ubuntu/redhat did, gave bind a user/group Here is the example in ubuntu 14.04: $ ps -eo user,group,cmd | grep "named" ... bind bind /usr/sbin/named -u bind ... $vim bind9_1%3a9.9.5.dfsg-3_amd64.deb/postinst ... # lets give them a bind user/group in all cases. getent group bind >/dev/null 2>&1 || addgroup --system bind getent passwd bind >/dev/null 2>&1 || adduser --system --home /var/cache/bind --no-create-home \ --disabled-password --ingroup bind bind ... (From OE-Core rev: e37841faf746895f41627130623196c0bebe0740) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Upstream-Status CleanupsSaul Wold2014-04-251-0/+4
| | | | | | | (From OE-Core rev: ea438b58c9a90e4c3147f99d63a9afc66963c5a1) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add support for read-only rootfsChen Qi2014-04-251-0/+65
| | | | | | | | | | | | This patch adds support for read-only rootfs to the bind service. Basically it just bind mounts several directories so that the bind service could start correctly without reporting any error. (From OE-Core rev: 99cc96eaee28bfde89096689b1296d28937ead88) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add systemd supportChen Qi2014-04-242-0/+29
| | | | | | | | | Add systemd support for bind. (From OE-Core rev: 812f69fee5fceef853c42960f3d90491bda8378a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Update to 9.9.5Saul Wold2014-03-1111-0/+1016
Remove CVE patches that are in bind Updated COPYRIGHT includes date changes the NetBSD Copyright Modifies the Base BSD License to 3-Clause (removes advertising clause)w Add patch to disable running tests on host Add python-core to RDEPENDS for dnssec-checkds and dnssec-coverage and fix path to python (From OE-Core rev: 041576d6d63ad807ca405dcea9eeecf1c9ccd7fe) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-28 13:00:40 +0000