[oe-commits] Joshua Lock : bind: backport patch for CVE-2015-5477

git at git.openembedded.org git at git.openembedded.org
Tue Sep 1 20:40:46 UTC 2015 

Module: openembedded-core.git
Branch: fido
Commit: ba84c727b9c8c743e7ac87e6c84456f679118af8
URL:    http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=ba84c727b9c8c743e7ac87e6c84456f679118af8

Author: Joshua Lock <joshua.lock at collabora.co.uk>
Date:   Thu Aug 20 11:00:56 2015 +0100

bind: backport patch for CVE-2015-5477

Signed-off-by: Joshua Lock <joshua.lock at collabora.co.uk>

---

 .../bind/bind/cve-2015-5477.patch                  | 24 ++++++++++++++++++++++
 meta/recipes-connectivity/bind/bind_9.9.5.bb       |  1 +
 2 files changed, 25 insertions(+)

diff --git a/meta/recipes-connectivity/bind/bind/cve-2015-5477.patch b/meta/recipes-connectivity/bind/bind/cve-2015-5477.patch
new file mode 100644
index 0000000..5048d98
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/cve-2015-5477.patch
@@ -0,0 +1,24 @@
+From: Mark Andrews <marka at isc.org>
+Date: Tue, 14 Jul 2015 04:48:42 +0000 (+1000)
+Subject: 4165.   [bug]           An failure to reset a value to NULL in tkey.c could
+X-Git-Url: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff_plain;h=dbb064aa7972ef918d9a235b713108a4846cbb62;hp=faa3b61828dc2c6b92b68cd6e603fe2b9a7d5fdc
+
+4165.   [bug]           An failure to reset a value to NULL in tkey.c could
+                        result in an assertion failure. (CVE-2015-5477)
+                        [RT #40046]
+
+Upstream-Status: Backport
+---
+
+Index: bind-9.9.5/lib/dns/tkey.c
+===================================================================
+--- bind-9.9.5.orig/lib/dns/tkey.c
++++ bind-9.9.5/lib/dns/tkey.c
+@@ -650,6 +650,7 @@ dns_tkey_processquery(dns_message_t *msg
+ 		 * Try the answer section, since that's where Win2000
+ 		 * puts it.
+ 		 */
++		name = NULL;
+ 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
+ 					 dns_rdatatype_tkey, 0, &name,
+ 					 &tkeyset) != ISC_R_SUCCESS) {
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index e34cded..9f0ab2f 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -21,6 +21,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
            file://bind-add-crosscripts-search-path-for-xml2-config.patch \
            file://bind-subdirs-run-serially.patch \
            file://bind-confgen-build-unix.o-once.patch \
+           file://cve-2015-5477.patch \
 	   "
 
 SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"

More information about the Openembedded-commits mailing list