diff options
author | Roy.Li <rongqing.li@windriver.com> | 2013-06-13 13:51:51 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-06-17 16:44:35 +0100 |
commit | de1238a589ade1220d51cb4b9277cc17479f6f17 (patch) | |
tree | 397384011fef300577a28fbd545b25f5e802de09 /meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch | |
parent | 3d0f9ee3d2fcce331d35467d5965ff44b825427f (diff) | |
download | openembedded-core-contrib-de1238a589ade1220d51cb4b9277cc17479f6f17.tar.gz |
bind: backport six CVE patches
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch')
-rw-r--r-- | meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch b/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch new file mode 100644 index 0000000000..7ec6deb714 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.8.1/bind-CVE-2013-2266.patch @@ -0,0 +1,41 @@ +bind: fix for CVE-2013-2266 + +Upstream-Status: Backport + +libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, +9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows +remote attackers to cause a denial of service (memory consumption) via a +crafted regular expression, as demonstrated by a memory-exhaustion attack +against a machine running a named process. + +http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2266 + +Signed-off-by Ming Liu <ming.liu@windriver.com> +--- + config.h.in | 3 --- + configure.in | 2 +- + 2 files changed, 1 insertion(+), 4 deletions(-) + +--- a/config.h.in ++++ b/config.h.in +@@ -277,9 +277,6 @@ int sigwait(const unsigned int *set, int + /* Define if your OpenSSL version supports GOST. */ + #undef HAVE_OPENSSL_GOST + +-/* Define to 1 if you have the <regex.h> header file. */ +-#undef HAVE_REGEX_H +- + /* Define to 1 if you have the `setegid' function. */ + #undef HAVE_SETEGID + +--- a/configure.in ++++ b/configure.in +@@ -279,7 +279,7 @@ esac + + AC_HEADER_STDC + +-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, ++AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,, + [$ac_includes_default + #ifdef HAVE_SYS_PARAM_H + # include <sys/param.h> |