1 files changed, 0 insertions, 90 deletions

diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-2775.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-2775.patch
deleted file mode 100644
index 5393063c56..0000000000
--- a/meta/recipes-connectivity/bind/bind/CVE-2016-2775.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From 9d8aba8a7778721ae2cee6e4670a8e6be6590b05 Mon Sep 17 00:00:00 2001
-From: Mark Andrews <marka@isc.org>
-Date: Wed, 12 Oct 2016 19:52:59 +0900
-Subject: [PATCH]
-4406.   [security]      getrrsetbyname with a non absolute name could
-                        trigger an infinite recursion bug in lwresd
-                        and named with lwres configured if when combined
-                        with a search list entry the resulting name is
-                        too long. (CVE-2016-2775) [RT #42694]
-
-Backport commit 38cc2d14e218e536e0102fa70deef99461354232 from the
-v9.11.0_patch branch.
-
-CVE: CVE-2016-2775
-Upstream-Status: Backport
-
-Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com>
-
----
- CHANGES                          |  6 ++++++
- bin/named/lwdgrbn.c              | 16 ++++++++++------
- bin/tests/system/lwresd/lwtest.c |  9 ++++++++-
- 3 files changed, 24 insertions(+), 7 deletions(-)
-
-diff --git a/CHANGES b/CHANGES
-index d2e3360..d0a9d12 100644
---- a/CHANGES
-+++ b/CHANGES
-@@ -1,3 +1,9 @@
-+4406.   [security]      getrrsetbyname with a non absolute name could
-+                        trigger an infinite recursion bug in lwresd
-+                        and named with lwres configured if when combined
-+                        with a search list entry the resulting name is
-+                        too long. (CVE-2016-2775) [RT #42694]
-+
- 4322.  [security]      Duplicate EDNS COOKIE options in a response could
-                        trigger an assertion failure. (CVE-2016-2088)
-                        [RT #41809]
-diff --git a/bin/named/lwdgrbn.c b/bin/named/lwdgrbn.c
-index 3e7b15b..e1e9adc 100644
---- a/bin/named/lwdgrbn.c
-+++ b/bin/named/lwdgrbn.c
-@@ -403,14 +403,18 @@ start_lookup(ns_lwdclient_t *client) {
- 	INSIST(client->lookup == NULL);
- 
- 	dns_fixedname_init(&absname);
--	result = ns_lwsearchctx_current(&client->searchctx,
--					dns_fixedname_name(&absname));
-+
- 	/*
--	 * This will return failure if relative name + suffix is too long.
--	 * In this case, just go on to the next entry in the search path.
-+         * Perform search across all search domains until success
-+         * is returned. Return in case of failure.
- 	 */
--	if (result != ISC_R_SUCCESS)
--		start_lookup(client);
-+        while (ns_lwsearchctx_current(&client->searchctx,
-+                        dns_fixedname_name(&absname)) != ISC_R_SUCCESS) {
-+                if (ns_lwsearchctx_next(&client->searchctx) != ISC_R_SUCCESS) {
-+                        ns_lwdclient_errorpktsend(client, LWRES_R_FAILURE);
-+                        return;
-+                }
-+        }
- 
- 	result = dns_lookup_create(cm->mctx,
- 				   dns_fixedname_name(&absname),
-diff --git a/bin/tests/system/lwresd/lwtest.c b/bin/tests/system/lwresd/lwtest.c
-index ad9b551..3eb4a66 100644
---- a/bin/tests/system/lwresd/lwtest.c
-+++ b/bin/tests/system/lwresd/lwtest.c
-@@ -768,7 +768,14 @@ main(void) {
- 	test_getrrsetbyname("e.example1.", 1, 2, 1, 1, 1);
- 	test_getrrsetbyname("e.example1.", 1, 46, 2, 0, 1);
- 	test_getrrsetbyname("", 1, 1, 0, 0, 0);
--
-+        test_getrrsetbyname("123456789.123456789.123456789.123456789."
-+                            "123456789.123456789.123456789.123456789."
-+                            "123456789.123456789.123456789.123456789."
-+                            "123456789.123456789.123456789.123456789."
-+                            "123456789.123456789.123456789.123456789."
-+                            "123456789.123456789.123456789.123456789."
-+                            "123456789", 1, 1, 0, 0, 0);
-+ 
- 	if (fails == 0)
- 		printf("I:ok\n");
- 	return (fails);
--- 
-2.7.4
-