From 2ee2433765a3502a61af09bdd183cd60300948dc Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Tue, 23 Dec 2014 08:49:28 +0100
Subject: bind: fix for CVE-2014-8500

A denial of service flaw was found in the way BIND followed DNS
delegations. A remote attacker could use a specially crafted zone
containing a large number of referrals which, when looked up and
processed, would cause named to use excessive amounts of memory
or crash.

External References:
===================
https://kb.isc.org/article/AA-01216/74/CVE-2014-8500%3A-A-Defect-in-\
Delegation-Handling-Can-Be-Exploited-to-Crash-BIND.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-connectivity/bind/bind_9.9.5.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-connectivity/bind/bind_9.9.5.bb')

diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index 604deb6236..a261d78695 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -13,6 +13,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
            file://make-etc-initd-bind-stop-work.patch \
            file://mips1-not-support-opcode.diff \
            file://dont-test-on-host.patch \
+           file://bind9_9_5-CVE-2014-8500.patch \
 	   "
 
 SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"
-- 
cgit v1.2.3-54-g00ecf