From 3f66cbfdff13798a6893abb7a43d45abc7004a49 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Fri, 8 Apr 2016 10:21:05 +0200
Subject: bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722

CVE-2015-1349:
https://kb.isc.org/article/AA-01235/0/CVE-2015-1349%3A-
A-Problem-with-Trust-Anchor-Management-Can-Cause-named-to-Crash.html

CVE-2015-4620
https://kb.isc.org/article/AA-01267/0/CVE-2015-4620%3A-
Specially-Constructed-Zone-Data-Can-Cause-a-Resolver-to-Crash-when-Validating.html

CVE-2015-5722
https://kb.isc.org/article/AA-01287/0/CVE-2015-5722%3A-
Parsing-malformed-keys-may-cause-BIND-to-exit-due-to-a-failed-assertion-in-buffer.c.html

(From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8)

Reference:
https://kb.isc.org/category/74/0/10/Software-Products/BIND9/Security-Advisories/

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 .../bind/bind/CVE-2015-4620.patch                  | 36 ++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch

(limited to 'meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch')

diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch
new file mode 100644
index 0000000000..1a5051e638
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch
@@ -0,0 +1,36 @@
+CVE-2015-4620 bind: abort DoS caused by uninitialized value use in isselfsigned()
+
+issue introduced by git commit
+
+https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=44f175a90a855326725439b2f1178f0dcca8f67d
+
+which is in this version of bind.
+
+Upstream Status: Backport from Redhat
+
+https://bugzilla.redhat.com/attachment.cgi?id=1044719
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bind-9.9.5/lib/dns/validator.c
+===================================================================
+--- bind-9.9.5.orig/lib/dns/validator.c
++++ bind-9.9.5/lib/dns/validator.c
+@@ -1406,7 +1406,6 @@ compute_keytag(dns_rdata_t *rdata, dns_r
+  */
+ static isc_boolean_t
+ isselfsigned(dns_validator_t *val) {
+-	dns_fixedname_t fixed;
+ 	dns_rdataset_t *rdataset, *sigrdataset;
+ 	dns_rdata_t rdata = DNS_RDATA_INIT;
+ 	dns_rdata_t sigrdata = DNS_RDATA_INIT;
+@@ -1462,8 +1461,7 @@ isselfsigned(dns_validator_t *val) {
+ 			result = dns_dnssec_verify3(name, rdataset, dstkey,
+ 						    ISC_TRUE,
+ 						    val->view->maxbits,
+-						    mctx, &sigrdata,
+-						    dns_fixedname_name(&fixed));
++						    mctx, &sigrdata, NULL);
+ 			dst_key_free(&dstkey);
+ 			if (result != ISC_R_SUCCESS)
+ 				continue;
-- 
cgit v1.2.3-54-g00ecf