Diffstat (limited to 'meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch')
-rw-r--r--meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch60
1 files changed, 60 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch b/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch
new file mode 100644
index 0000000000..dea7aaef53
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/CVE-2015-1349.patch
@@ -0,0 +1,60 @@
+CVE-2015-1349 bind: issue in trust anchor management can cause named to crash
+
+commit 2e9d79f169663c9aff5f0dcdc626a2cd2dbb5892
+Author: Evan Hunt <each@isc.org>
+Date: Tue Feb 3 18:30:38 2015 -0800
+
+ [v9_9_6_patch] avoid crash due to managed-key rollover
+
+ 4053. [security] Revoking a managed trust anchor and supplying
+ an untrusted replacement could cause named
+ to crash with an assertion failure.
+ (CVE-2015-1349) [RT #38344]
+
+Upstream Status: Backport from Redhat
+
+https://bugzilla.redhat.com/attachment.cgi?id=993045
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bind-9.9.5/CHANGES
+===================================================================
+--- bind-9.9.5.orig/CHANGES
++++ bind-9.9.5/CHANGES
+@@ -1,3 +1,10 @@
++ --- 9.9.6-P2 released ---
++
++4053. [security] Revoking a managed trust anchor and supplying
++ an untrusted replacement could cause named
++ to crash with an assertion failure.
++ (CVE-2015-1349) [RT #38344]
++
+ --- 9.9.5 released ---
+
+ --- 9.9.5rc2 released ---
+Index: bind-9.9.5/lib/dns/zone.c
+===================================================================
+--- bind-9.9.5.orig/lib/dns/zone.c
++++ bind-9.9.5/lib/dns/zone.c
+@@ -8496,6 +8496,12 @@ keyfetch_done(isc_task_t *task, isc_even
+ namebuf, tag);
+ trustkey = ISC_TRUE;
+ }
++ } else {
++ /*
++ * No previously known key, and the key is not
++ * secure, so skip it.
++ */
++ continue;
+ }
+
+ /* Delete old version */
+@@ -8544,7 +8550,7 @@ keyfetch_done(isc_task_t *task, isc_even
+ trust_key(zone, keyname, &dnskey, mctx);
+ }
+
+- if (!deletekey)
++ if (secure && !deletekey)
+ set_refreshkeytimer(zone, &keydata, now);
+ }
+
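Review bot: The `Upstream Status: Backport from Redhat` line in the patch header is spelled with a space, whereas the OpenEmbedded convention is the hyphenated `Upstream-Status:` tag, so tooling that scans patches for that tag will probably not count this CVE fix as tracked. I would write `Upstream-Status: Backport [https://bugzilla.redhat.com/attachment.cgi?id=993045]`. The embedded CHANGES hunk also adds a `--- 9.9.6-P2 released ---` heading to a bind-9.9.5 tree, which misstates the version being built and is one more hunk that can fail to apply; dropping it would leave only the zone.c change in keyfetch_done. This view is limited to the patch file, so it is worth confirming that the bind recipe's SRC_URI lists CVE-2015-1349.patch, since otherwise the fix is never applied to the build.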