Diffstat (limited to 'meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch')
-rw-r--r-- | meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch
new file mode 100644
index 0000000000..dea7aaef53
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch
@@ -0,0 +1,60 @@
+CVE-2015-1349 bind: issue in trust anchor management can cause named to crash
+
+commit 2e9d79f169663c9aff5f0dcdc626a2cd2dbb5892
+Author: Evan Hunt <each@isc.org>
+Date: Tue Feb 3 18:30:38 2015 -0800
+
+ [v9_9_6_patch] avoid crash due to managed-key rollover
+
+ 4053. [security] Revoking a managed trust anchor and supplying
+ an untrusted replacement could cause named
+ to crash with an assertion failure.
+ (CVE-2015-1349) [RT #38344]
+
+Upstream Status: Backport from Redhat
+
+https://bugzilla.redhat.com/attachment.cgi?id=993045
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bind-9.9.5/CHANGES
+===================================================================
+--- bind-9.9.5.orig/CHANGES
++++ bind-9.9.5/CHANGES
+@@ -1,3 +1,10 @@
++ --- 9.9.6-P2 released ---
++
++4053. [security] Revoking a managed trust anchor and supplying
++ an untrusted replacement could cause named
++ to crash with an assertion failure.
++ (CVE-2015-1349) [RT #38344]
++
+ --- 9.9.5 released ---
+
+ --- 9.9.5rc2 released ---
+Index: bind-9.9.5/lib/dns/zone.c
+===================================================================
+--- bind-9.9.5.orig/lib/dns/zone.c
++++ bind-9.9.5/lib/dns/zone.c
+@@ -8496,6 +8496,12 @@ keyfetch_done(isc_task_t *task, isc_even
+ namebuf, tag);
+ trustkey = ISC_TRUE;
+ }
++ } else {
++ /*
++ * No previously known key, and the key is not
++ * secure, so skip it.
++ */
++ continue;
+ }
+
+ /* Delete old version */
+@@ -8544,7 +8550,7 @@ keyfetch_done(isc_task_t *task, isc_even
+ trust_key(zone, keyname, &dnskey, mctx);
+ }
+
+- if (!deletekey)
++ if (secure && !deletekey)
+ set_refreshkeytimer(zone, &keydata, now);
+ }
+ |
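Review bot: The patch header writes the status tag as `Upstream Status: Backport from Redhat`, without the hyphen, so anything that audits recipes by matching `Upstream-Status:` will not see this security backport as tracked; `Upstream-Status: Backport` with the bugzilla URL on the following line would fix that. The embedded CHANGES hunk also stamps `--- 9.9.6-P2 released ---` into a bind-9.9.5 tree, which misstates the shipped version and is not needed for the fix in lib/dns/zone.c; dropping that hunk would leave only the two keyfetch_done() changes. The diffstat is limited to this file, so whether the recipe's SRC_URI lists the patch cannot be checked from here.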