diff options
| author |   Sona Sarmadi <sona.sarmadi@enea.com> | 2015-07-30 13:48:55 +0200 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-09-01 21:27:51 +0100 |
| commit | 18a01db3f2430095a4e6966aed5afd738dbc112e (patch) | |
| tree | 64ee9c52551aa59411d161b9d598d4c4ad01cceb | |
| parent | d66a45c52200f73e67ebb3e6e447907bb3334319 (diff) | |
| download | openembedded-core-18a01db3f2430095a4e6966aed5afd738dbc112e.tar.gz | |
bind9.9.5: CVE-2015-5477
Fixed a flaw in the way BIND handled requests for TKEY
DNS resource records.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
https://kb.isc.org/article/AA-01272
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch | 45 | ||||
| -rw-r--r-- | meta/recipes-connectivity/bind/bind_9.9.5.bb | 1 |
2 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch new file mode 100644 index 0000000000..896272a471 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch @@ -0,0 +1,45 @@ +From dbb064aa7972ef918d9a235b713108a4846cbb62 Mon Sep 17 00:00:00 2001 +From: Mark Andrews <marka@isc.org> +Date: Tue, 14 Jul 2015 14:48:42 +1000 +Subject: [PATCH] 4165. [bug] An failure to reset a value to NULL + in tkey.c could result in an assertion failure. + (CVE-2015-5477) [RT #40046] + +Upstream-Status: Backport +[CHANGES file has been edited manually to add CVE-2015-5477 and +an already applied CVE (CVE-2014-8500)]. + +Referenc: https://kb.isc.org/article/AA-01272 + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> + +diff -ruN a/CHANGES b/CHANGES +--- a/CHANGES 2014-01-27 19:58:24.000000000 +0100 ++++ b/CHANGES 2015-07-30 11:03:18.871670769 +0200 +@@ -1,4 +1,15 @@ + --- 9.9.5 released --- ++4165. [security] An failure to reset a value to NULL in tkey.c could ++ result in an assertion failure. (CVE-2015-5477) ++ [RT #40046] ++ ++4006. [security] A flaw in delegation handling could be exploited ++ to put named into an infinite loop. This has ++ been addressed by placing limits on the number ++ of levels of recursion named will allow (default 7), ++ and the number of iterative queries that it will ++ send (default 50) before terminating a recursive ++ query (CVE-2014-8500). + + --- 9.9.5rc2 released --- + +diff -ruN a/lib/dns/tkey.c b/lib/dns/tkey.c +--- a/lib/dns/tkey.c 2014-01-27 19:58:24.000000000 +0100 ++++ b/lib/dns/tkey.c 2015-07-30 10:58:30.647945942 +0200 +@@ -650,6 +650,7 @@ + * Try the answer section, since that's where Win2000 + * puts it. + */ ++ name = NULL; + if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname, + dns_rdatatype_tkey, 0, &name, + &tkeyset) != ISC_R_SUCCESS) { diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb index 8e04f8a040..e206cc45d8 100644 --- a/meta/recipes-connectivity/bind/bind_9.9.5.bb +++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb @@ -18,6 +18,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://bind9 \ file://init.d-add-support-for-read-only-rootfs.patch \ file://bind9_9_5-CVE-2014-8500.patch \ + file://bind9_9_5-CVE-2015-5477.patch \ " SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e" |