aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind
AgeCommit message (Collapse)Author
2016-05-06bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi
CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=31e4657cf246e41d4c5c890315cb6cf89a0db25a CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=ce3cd91caee698cb144e1350c6c78292c6be6339 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
2016-02-29bind: Security fix CVE-2015-8461Armin Kuster
CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c\ (From OE-Core master rev: 1656eaa722952861ec73362776bd0c4826aec3da) Hand applied Changelog changes. Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
2016-02-07bind: Security fix CVE-2015-8704Armin Kuster
CVE-2015-8704 bind: specific APL data could trigger an INSIST in apl_42.c Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-23bind: CVE-2015-8000Sona Sarmadi
Fixes a denial of service in BIND. An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. [YOCTO #8838] References: http://www.openwall.com/lists/oss-security/2015/12/15/14 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 https://bugzilla.redhat.com/attachment.cgi?id=1105581 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
2015-09-18bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722Armin Kuster
three security fixes. Signed-off-by: Armin Kuster <akuster@mvista.com>
2015-09-01bind: backport patch for CVE-2015-5477Joshua Lock
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
2015-06-28bind: remove 5 backport patchesRobert Yang
They are backport patches, and verified that the patches are in the source. (From OE-Core rev: 6e4a10ab030c192e2437592538e4713b1ee2032b) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-19bind: Fix parallel make issueRobert Yang
Fixed: unix/os.o: file not recognized: File truncated collect2: error: ld returned 1 exit status This is because os.o was built twice: * The implicity rule (depends on unix/os.o) * The "make all" in unix subdir (depends on unix/os.o) Depend on subdirs which is unix only rather than unix/os.o will fix the problem. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-14bind: fix and enable parallel buildRobert Yang
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-01-28bind: fix typo chown->chmodTing Liu
Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-01-08bind: Update libxml2 check to make it deterministic.Noor
* Firstly configure scritp was testing files from bin folder. In our case we don't copy bin folder to sysroot for target recipes. So added extra check to validate .pc file from lib folder via a patch to configure.in file. * Secondly linxml2 dependency was missing. So added PACKAGECONFIG for libxml2. Signed-off-by: Noor Ahsan <noor_ahsan@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-12-30bind: fix for CVE-2014-8500Sona Sarmadi
[From upstream commit: 603a0e2637b35a2da820bc807f69bcf09c682dce] [YOCTO #7098] External References: =================== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-12-24bind: fix conf.patch to add db.255 configuration fileChen Qi
Add in conf.patch /etc/bind/db.255 file so that we don't get the following error. zone 255.in-addr.arpa/IN: loading from master file /etc/bind/db.255 failed: file not found Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-11-04bind: fix to use correct environment file in service fileChen Qi
Use /etc/default/bind9 as the environment file in named.service. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-08-23bind: refer ubuntu/redhat to add bind user/groupHongxu Jia
We refer what ubuntu/redhat did, gave bind a user/group Here is the example in ubuntu 14.04: $ ps -eo user,group,cmd | grep "named" ... bind bind /usr/sbin/named -u bind ... $vim bind9_1%3a9.9.5.dfsg-3_amd64.deb/postinst ... # lets give them a bind user/group in all cases. getent group bind >/dev/null 2>&1 || addgroup --system bind getent passwd bind >/dev/null 2>&1 || adduser --system --home /var/cache/bind --no-create-home \ --disabled-password --ingroup bind bind ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-25Upstream-Status CleanupsSaul Wold
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-25bind: add support for read-only rootfsChen Qi
This patch adds support for read-only rootfs to the bind service. Basically it just bind mounts several directories so that the bind service could start correctly without reporting any error. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-24bind: add systemd supportChen Qi
Add systemd support for bind. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11bind: Update to 9.9.5Saul Wold
Remove CVE patches that are in bind Updated COPYRIGHT includes date changes the NetBSD Copyright Modifies the Base BSD License to 3-Clause (removes advertising clause)w Add patch to disable running tests on host Add python-core to RDEPENDS for dnssec-checkds and dnssec-coverage and fix path to python Signed-off-by: Saul Wold <sgw@linux.intel.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-09-26 05:31:16 +0000