From b6105680bfb85915e0012c456118441c4c74463d Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sat, 12 Sep 2015 15:17:26 -0700 Subject: bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722 three security fixes. (From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8) Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie Signed-off-by: Tudor Florea --- .../bind/bind/CVE-2015-4620.patch | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch (limited to 'meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch') diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch new file mode 100644 index 0000000000..1a5051e638 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2015-4620.patch @@ -0,0 +1,36 @@ +CVE-2015-4620 bind: abort DoS caused by uninitialized value use in isselfsigned() + +issue introduced by git commit + +https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=44f175a90a855326725439b2f1178f0dcca8f67d + +which is in this version of bind. + +Upstream Status: Backport from Redhat + +https://bugzilla.redhat.com/attachment.cgi?id=1044719 + +Signed-off-by: Armin Kuster + +Index: bind-9.9.5/lib/dns/validator.c +=================================================================== +--- bind-9.9.5.orig/lib/dns/validator.c ++++ bind-9.9.5/lib/dns/validator.c +@@ -1406,7 +1406,6 @@ compute_keytag(dns_rdata_t *rdata, dns_r + */ + static isc_boolean_t + isselfsigned(dns_validator_t *val) { +- dns_fixedname_t fixed; + dns_rdataset_t *rdataset, *sigrdataset; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_t sigrdata = DNS_RDATA_INIT; +@@ -1462,8 +1461,7 @@ isselfsigned(dns_validator_t *val) { + result = dns_dnssec_verify3(name, rdataset, dstkey, + ISC_TRUE, + val->view->maxbits, +- mctx, &sigrdata, +- dns_fixedname_name(&fixed)); ++ mctx, &sigrdata, NULL); + dst_key_free(&dstkey); + if (result != ISC_R_SUCCESS) + continue; -- cgit v1.2.3-54-g00ecf