From: Minjae Kim <[email protected]> BIND Operational Notification: Zone journal (.jnl) file incompatibility
Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch] CVE: CVE-2020-8625 Signed-off-by: Minjae Kim <[email protected]> Signed-off-by: Steve Sakoman <[email protected]> --- .../bind/bind/CVE-2020-8625.patch | 17 +++++++++++++++++ meta/recipes-connectivity/bind/bind_9.11.22.bb | 1 + 2 files changed, 18 insertions(+) create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch new file mode 100644 index 0000000000..9078f2448e --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch @@ -0,0 +1,17 @@ +Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch] +CVE: CVE-2020-8625 +Signed-off-by: Minjae Kim <[email protected]> + +diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c +index e61d1c600f2..753dc8049fa 100644 +--- a/lib/dns/spnego.c ++++ b/lib/dns/spnego.c +@@ -848,7 +848,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) { + return (ASN1_OVERRUN); + } + +- data->components = malloc(len * sizeof(*data->components)); ++ data->components = malloc((len + 1) * sizeof(*data->components)); + if (data->components == NULL) { + return (ENOMEM); + } diff --git a/meta/recipes-connectivity/bind/bind_9.11.22.bb b/meta/recipes-connectivity/bind/bind_9.11.22.bb index 3b4a299b36..e3b9cacc15 100644 --- a/meta/recipes-connectivity/bind/bind_9.11.22.bb +++ b/meta/recipes-connectivity/bind/bind_9.11.22.bb @@ -18,6 +18,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ file://0001-avoid-start-failure-with-bind-user.patch \ + file://CVE-2020-8625.patch \ " SRC_URI[sha256sum] = "afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#149033): https://lists.openembedded.org/g/openembedded-core/message/149033 Mute This Topic: https://lists.openembedded.org/mt/81104008/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
