bind: CVE-2016-1285 CVE-2016-1286 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2016-04-13 08:32:15 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-04-14 10:58:33 +0100
commit	c3c55478f5d346c65bd6f1e0a188da49e5a1369e (patch)
tree	fa3be5ecc1e990668a2211e78c0d92fdd4d4a72f /meta/lib
parent	c4387a8b65cd1666a3eac1c85fb107d2b494ce0a (diff)
download	openembedded-core-contrib-c3c55478f5d346c65bd6f1e0a188da49e5a1369e.tar.gz

bind: CVE-2016-1285 CVE-2016-1286

Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 (From OE-Core rev: 080d1a313e4982dd05846b375ebf936c46934d80) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: