diff options
| author |   Sona Sarmadi <sona.sarmadi@enea.com> | 2016-04-12 13:25:59 +0200 |
|---|---|---|
| committer |   Joshua Lock <joshua.g.lock@intel.com> | 2016-05-06 15:51:14 +0100 |
| commit | e289df4daa4b90fb95ae3602c244cba9d56a8c2f (patch) | |
| tree | 7d8c8fba97bf8930e8d4844304959cd1647774b5 /meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch | |
| parent | b0720e996dde537d04a9129e7ffdc883836c3cf8 (diff) | |
| download | openembedded-core-contrib-e289df4daa4b90fb95ae3602c244cba9d56a8c2f.tar.gz | |
bind: CVE-2016-1285 CVE-2016-1286
CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure
CVE-2016-1286 bind: malformed signature records for DNAME records can
trigger assertion failure
[YOCTO #9400]
External References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
References to the Upstream commits and Security Advisories:
CVE-2016-1285: https://kb.isc.org/article/AA-01352
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=31e4657cf246e41d4c5c890315cb6cf89a0db25a
CVE-2016-1286_1: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7
CVE-2016-1286_2: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=ce3cd91caee698cb144e1350c6c78292c6be6339
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch')
| -rw-r--r-- | meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch b/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch new file mode 100644 index 0000000000..5858c805df --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch @@ -0,0 +1,31 @@ +From a078c9eeae8c2db7edf2b15ff1d25a3a297c7512 Mon Sep 17 00:00:00 2001 +From: Evan Hunt <each@isc.org> +Date: Wed, 17 Feb 2016 19:13:22 -0800 +Subject: [PATCH] [v9_9] fix backport error + +This fixes typo in the: +CVE-2016-1285.patch [upstream commit 31e4657cf246e41d4c5c890315cb6cf89a0db25a] + +Upstream-Status: Backport + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- + lib/isccc/cc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c +index ffcd584..9c7d18c 100644 +--- a/lib/isccc/cc.c ++++ b/lib/isccc/cc.c +@@ -287,7 +287,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, + if (!isccc_alist_alistp(_auth)) + return (ISC_R_FAILURE); + hmd5 = isccc_alist_lookup(_auth, "hmd5"); +- if (!isccc_sexpr_binaryp(hmac)) ++ if (!isccc_sexpr_binaryp(hmd5)) + return (ISC_R_FAILURE); + /* + * Compute digest. +-- +1.9.1 + |