bind: CVE-2016-1285 CVE-2016-1286 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2016-04-13 08:32:15 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-04-14 10:58:27 +0100
commit	080d1a313e4982dd05846b375ebf936c46934d80 (patch)
tree	85f2ff1326f8cc0c3568b6deafb1748eb132f8e8 /meta/classes/npm.bbclass
parent	e951a8970b456de71f6596f061211a48adce3e3a (diff)
download	openembedded-core-contrib-080d1a313e4982dd05846b375ebf936c46934d80.tar.gz

bind: CVE-2016-1285 CVE-2016-1286

Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com>

Diffstat (limited to 'meta/classes/npm.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: