code.ossystems Code Review - openembedded-core.git/commit

bind: CVE-2016-1285 CVE-2016-1286

CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure
CVE-2016-1286 bind: malformed signature records for DNAME records can
trigger assertion failure

[YOCTO #9400]

External References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286

References to the Upstream commits and Security Advisories:

CVE-2016-1285: https://kb.isc.org/article/AA-01352
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=e7e15d1302b26a96fa0a5307d6f2cb0d8ad4ea63

CVE-2016-1286: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3

https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=499952eb459c9a41d2092f1d98899c131f9103b2

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

author	Sona Sarmadi <sona.sarmadi@enea.com>
	Mon, 25 Apr 2016 01:10:36 +0000 (18:10 -0700)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 9 May 2016 13:37:19 +0000 (14:37 +0100)
commit	e8bc043f871e507542955ad28de74f67afa9bc36
tree	1b83cc97beeaead7c84839b136211b8997c0ea0b	tree \| snapshot
parent	e49794b9fe3391073138cb6116a46b37dd5119e7	commit \| diff

meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/bind/bind_9.10.2-P4.bb		diff \| blob \| history