summaryrefslogtreecommitdiffstats
path: root/package/psmisc/0002-add-git-version-get.patch
diff options
context:
space:
mode:
authorPeter Korsgaard <peter@korsgaard.com>2017-06-20 22:55:34 +0200
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>2017-06-20 23:14:16 +0200
commite14d89d5e08c47e4e93074cd85cb412af9eafa5e (patch)
tree44b9b450659d390648199a17c7914f3280e0223a /package/psmisc/0002-add-git-version-get.patch
parent79c7873b64aff13a924dc61ff021eefa835d5be9 (diff)
downloadbuildroot-e14d89d5e08c47e4e93074cd85cb412af9eafa5e.tar.gz
buildroot-e14d89d5e08c47e4e93074cd85cb412af9eafa5e.zip
bind: security bump to version 9.11-P1
Fixes the following security issues: CVE-2017-3140 is a denial-of-service vulnerability affecting 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, and 9.10.5-S1 when configured with Response Policy Zones (RPZ) utilizing NSIP or NSDNAME rules. https://kb.isc.org/article/AA-01495/74/CVE-2017-3140 CVE-2017-3141 is a Windows privilege escalation vector affecting 9.2.6-P2+, 9.3.2-P1+, 9.4.x, 9.5.x, 9.6.x, 9.7.x, 9.8.x, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, and 9.10.5-S1. The BIND Windows installer failed to properly quote the service paths, possibly allowing a local user to achieve privilege escalation, if allowed by file system permissions. https://kb.isc.org/article/AA-01496/74/CVE-2017-3141 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/psmisc/0002-add-git-version-get.patch')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud