From 71129828ff4cfda3d66aa9378be3c5a53f2beb8b Mon Sep 17 00:00:00 2001 From: Sona Sarmadi Date: Thu, 7 Apr 2016 12:27:27 +0200 Subject: bind: CVE-2016-1285 CVE-2016-1286 CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=31e4657cf246e41d4c5c890315cb6cf89a0db25a CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=ce3cd91caee698cb144e1350c6c78292c6be6339 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea Signed-off-by: Sona Sarmadi --- .../bind/bind/fix-typo-in-CVE-2016-1285.patch | 31 ++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch (limited to 'meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch') diff --git a/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch b/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch new file mode 100644 index 0000000000..5858c805df --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch @@ -0,0 +1,31 @@ +From a078c9eeae8c2db7edf2b15ff1d25a3a297c7512 Mon Sep 17 00:00:00 2001 +From: Evan Hunt +Date: Wed, 17 Feb 2016 19:13:22 -0800 +Subject: [PATCH] [v9_9] fix backport error + +This fixes typo in the: +CVE-2016-1285.patch [upstream commit 31e4657cf246e41d4c5c890315cb6cf89a0db25a] + +Upstream-Status: Backport + +Signed-off-by: Sona Sarmadi +--- + lib/isccc/cc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c +index ffcd584..9c7d18c 100644 +--- a/lib/isccc/cc.c ++++ b/lib/isccc/cc.c +@@ -287,7 +287,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, + if (!isccc_alist_alistp(_auth)) + return (ISC_R_FAILURE); + hmd5 = isccc_alist_lookup(_auth, "hmd5"); +- if (!isccc_sexpr_binaryp(hmac)) ++ if (!isccc_sexpr_binaryp(hmd5)) + return (ISC_R_FAILURE); + /* + * Compute digest. +-- +1.9.1 + -- cgit v1.2.3-54-g00ecf