summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb
Commit message (Collapse)AuthorAgeFilesLines
* bind: Security fix CVE-2016-2776Armin Kuster2016-12-061-0/+1
| | | | | | | | | affect bind < 9.10.4-p3 (From OE-Core rev: 57b4c03b263f2ad056d7973038662d6d6614a9de) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2016-2775Armin Kuster2016-12-061-0/+1
| | | | | | | | | affect bind < 9.10.4-p2 (From OE-Core rev: 54bf7379036eec6d6c4399aa374f898ba3464996) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2016-2088Armin Kuster2016-09-231-0/+1
| | | | | | | (From OE-Core rev: 91e05c25eb221ff1dc2bde5cfaa0bea88345b1e4) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-05-091-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=e7e15d1302b26a96fa0a5307d6f2cb0d8ad4ea63 CVE-2016-1286: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=499952eb459c9a41d2092f1d98899c131f9103b2 (From OE-Core rev: e8bc043f871e507542955ad28de74f67afa9bc36) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8461Armin Kuster2016-02-041-0/+1
| | | | | | | | | CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c\ (From OE-Core rev: 1656eaa722952861ec73362776bd0c4826aec3da) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8000Armin Kuster2016-02-041-0/+1
| | | | | | | | | CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c (From OE-Core rev: a159f9dcf3806f2c3677775d6fb131dab17a5a17) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2015-8704 and CVE-2015-8705Derek Straka2016-01-301-0/+2
| | | | | | | | | | | | | | | | | | | | | CVE-2015-8704: Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record CVE-2015-8705: When debug logging is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option [YOCTO 8966] References: https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705 (From OE-Core rev: 78ceabeb2df55194f16324d21ba97e81121f996b) Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix too long error from genRobert Yang2015-09-231-0/+1
| | | | | | | | | | | gen.c uses 512 as the path length which is a little short when build in deep dir, and cause "too long" error, use PATH_MAX if defined. (From OE-Core rev: 10e017fd3de3ff1ab0c1b32ac7a9610a04f8ff13) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix compile failure when building path is longChen Qi2015-09-121-0/+1
| | | | | | | | | | | | | | | | Fix the building path is long, when building bind, we would meet the following error. ".../long/path/to/bind/9.10.2-P3-r0/bind-9.10.2-P3/lib/dns" too long This is because the in gen.c, DIRNAMESIZE is limited to 256. But in OE, the path length limit is more than 400. So we change it to 512. (From OE-Core rev: 2f22eb1ce8083afb929cce432b8dda84682520e8) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.10.2-p4Armin Kuster2015-09-091-0/+101
fixes two secruity issues: CVE-2015-5722 and CVE-2015-5986. see release notes for more information. ftp://ftp.isc.org/isc/bind9/9.10.2-P4/RELEASE-NOTES.bind-9.10.2-P4.html (From OE-Core rev: 0dab62934e69019557ebae392dc8cb25e37748c2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>