code.ossystems Code Review - openembedded-core.git/commit

author	Sona Sarmadi <sona.sarmadi@enea.com>
	Tue, 12 Apr 2016 11:25:59 +0000 (13:25 +0200)
committer	Joshua Lock <joshua.g.lock@intel.com>
	Fri, 6 May 2016 14:51:14 +0000 (15:51 +0100)
commit	e289df4daa4b90fb95ae3602c244cba9d56a8c2f
tree	7d8c8fba97bf8930e8d4844304959cd1647774b5	tree \| snapshot
parent	b0720e996dde537d04a9129e7ffdc883836c3cf8	commit \| diff

bind: CVE-2016-1285 CVE-2016-1286

CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure
CVE-2016-1286 bind: malformed signature records for DNAME records can
trigger assertion failure

[YOCTO #9400]

External References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286

References to the Upstream commits and Security Advisories:

CVE-2016-1285: https://kb.isc.org/article/AA-01352
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=31e4657cf246e41d4c5c890315cb6cf89a0db25a

CVE-2016-1286_1: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7

CVE-2016-1286_2: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=ce3cd91caee698cb144e1350c6c78292c6be6339

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>

meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind/fix-typo-in-CVE-2016-1285.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind_9.9.5.bb		diff \| blob \| history