]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 91a001f) | patch
bind: CVE-2015-8000
authorSona Sarmadi <sona.sarmadi@enea.com>
Mon, 21 Dec 2015 11:35:20 +0000 (12:35 +0100)
committerJoshua Lock <joshua.lock@collabora.co.uk>
Wed, 23 Dec 2015 13:25:45 +0000 (13:25 +0000)
commit5e1c3942a02564904ee2b2e24004b9679d649b4e
tree6d7c877ab6d8c1e4670c20c641f17ca93ddd0146tree | snapshot
parent91a001fc74dd13ea9e5249aa624ad360ce807349commit | diff
bind: CVE-2015-8000

Fixes a denial of service in BIND.

An error in the parsing of incoming responses allows some
records with an incorrect class to be accepted by BIND
instead of being rejected as malformed. This can trigger
a REQUIRE assertion failure when those records are subsequently
cached.

[YOCTO #8838]

References:
http://www.openwall.com/lists/oss-security/2015/12/15/14
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
https://bugzilla.redhat.com/attachment.cgi?id=1105581

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch [new file with mode: 0644] blob
meta/recipes-connectivity/bind/bind_9.9.5.bb diff | blob | history
Mirror of the official openembedded-core repository