From 143136f7c830a5beb149f05886d2a649a29fca7a Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Mon, 21 Dec 2015 10:18:02 +0100
Subject: bind: CVE-2015-8000

Fixes a denial of service in BIND.

An error in the parsing of incoming responses allows some
records with an incorrect class to be accepted by BIND
instead of being rejected as malformed. This can trigger
a REQUIRE assertion failure when those records are subsequently
cached.

References:
http://www.openwall.com/lists/oss-security/2015/12/15/14
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
https://bugzilla.redhat.com/attachment.cgi?id=1105581

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
---
 meta/recipes-connectivity/bind/bind_9.9.5.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-connectivity/bind/bind_9.9.5.bb')

diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index ee940112f7..6e4878d06b 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -22,6 +22,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
 	   file://CVE-2015-1349.patch \ 
 	   file://CVE-2015-4620.patch \
 	   file://CVE-2015-5722.patch \
+           file://CVE-2015-8000.patch \
 	   "
 
 SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"
-- 
cgit v1.2.3-54-g00ecf