summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind
Commit message (Collapse)AuthorAgeFilesLines
* bind: CVE-2015-8461Sona Sarmadi2016-04-082-1/+47
| | | | | | | | | | | | | | | | Fixes a race condition when handling socket errors can lead to an assertion failure in resolver.c Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461 Patch is backported from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/patch /?id=12cdd6d2b3a6d351ea09799be38e6ddd4c041c17 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: CVE-2015-8704Sona Sarmadi2016-04-082-0/+49
| | | | | | | | | | | | | | A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl_42.c. References: https://kb.isc.org/article/AA-01335 https://kb.isc.org/article/AA-00913 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: CVE-2015-8000Sona Sarmadi2016-04-082-0/+195
| | | | | | | | | | | | | | | | | | | Fixes a denial of service in BIND. An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. References: http://www.openwall.com/lists/oss-security/2015/12/15/14 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 https://bugzilla.redhat.com/attachment.cgi?id=1105581 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722Sona Sarmadi2016-04-084-0/+589
| | | | | | | | | | | | | | | | | | | | | CVE-2015-1349: https://kb.isc.org/article/AA-01235/0/CVE-2015-1349%3A- A-Problem-with-Trust-Anchor-Management-Can-Cause-named-to-Crash.html CVE-2015-4620 https://kb.isc.org/article/AA-01267/0/CVE-2015-4620%3A- Specially-Constructed-Zone-Data-Can-Cause-a-Resolver-to-Crash-when-Validating.html CVE-2015-5722 https://kb.isc.org/article/AA-01287/0/CVE-2015-5722%3A- Parsing-malformed-keys-may-cause-BIND-to-exit-due-to-a-failed-assertion-in-buffer.c.html (From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8) Reference: https://kb.isc.org/category/74/0/10/Software-Products/BIND9/Security-Advisories/ Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind9.9.5: CVE-2015-5477Sona Sarmadi2015-08-042-0/+46
| | | | | | | | | | | Fixes a flaw in the way BIND handled requests for TKEY DNS resource records. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477 https://kb.isc.org/article/AA-01272 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: fix for CVE-2014-8500Sona Sarmadi2015-07-062-0/+991
| | | | | | | | | | | | | | | | A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. External References: =================== https://kb.isc.org/article/AA-01216/74/CVE-2014-8500%3A-A-Defect-in-\ Delegation-Handling-Can-Be-Exploited-to-Crash-BIND.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* initial commit for Enea Linux 4.0Adrian Dudau2014-06-2612-0/+1081
Migrated from the internal git server on the daisy-enea branch Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-11 14:11:45 +0000