From 60f9d69e016b11c468c98ea75ba0a60c44afbbc4 Mon Sep 17 00:00:00 2001
From: Patrick Williams <patrick@stwcx.xyz>
Date: Wed, 17 Aug 2016 14:31:25 -0500
Subject: yocto-poky: Move to import-layers subdir

We are going to import additional layers, so create a subdir to
hold all of the layers that we import with git-subtree.

Change-Id: I6f732153a22be8ca663035c518837e3cc5ec0799
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
---
 .../bind/bind/CVE-2016-1286_1.patch                | 79 ++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 import-layers/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch

(limited to 'import-layers/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch')

diff --git a/import-layers/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/import-layers/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
new file mode 100644
index 000000000..ae5cc48d9
--- /dev/null
+++ b/import-layers/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
@@ -0,0 +1,79 @@
+From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001
+From: Mukund Sivaraman <muks@isc.org>
+Date: Mon, 22 Feb 2016 12:22:43 +0530
+Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling
+ (CVE-2016-1286) (#41753)
+
+(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673)
+
+CVE: CVE-2016-1286
+Upstream-Status: Backport
+
+[Removed doc/arm/notes.xml changes from upstream patch.]
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+diff -ruN a/CHANGES b/CHANGES
+--- a/CHANGES	2016-04-13 07:28:44.940873629 +0200
++++ b/CHANGES	2016-04-13 07:38:38.923167851 +0200
+@@ -1,3 +1,7 @@
++4319.  [security]      Fix resolver assertion failure due to improper
++                       DNAME handling when parsing fetch reply messages.
++                       (CVE-2016-1286) [RT #41753]
++
+ 4318.	[security]	Malformed control messages can trigger assertions
+ 			in named and rndc. (CVE-2016-1285) [RT #41666]
+ 
+diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c
+--- a/lib/dns/resolver.c	2016-04-13 07:28:43.088953790 +0200
++++ b/lib/dns/resolver.c	2016-04-13 07:38:20.411968925 +0200
+@@ -6967,21 +6967,26 @@
+ 				isc_boolean_t found_dname = ISC_FALSE;
+ 				dns_name_t *dname_name;
+ 
++				/*
++				 * Only pass DNAME or RRSIG(DNAME).
++				 */
++				if (rdataset->type != dns_rdatatype_dname &&
++				    (rdataset->type != dns_rdatatype_rrsig ||
++				     rdataset->covers != dns_rdatatype_dname))
++					continue;
++
++				/*
++				 * If we're not chaining, then the DNAME and
++				 * its signature should not be external.
++				 */
++				if (!chaining && external) {
++					log_formerr(fctx, "external DNAME");
++					return (DNS_R_FORMERR);
++				}
++
+ 				found = ISC_FALSE;
+ 				aflag = 0;
+ 				if (rdataset->type == dns_rdatatype_dname) {
+-					/*
+-					 * We're looking for something else,
+-					 * but we found a DNAME.
+-					 *
+-					 * If we're not chaining, then the
+-					 * DNAME should not be external.
+-					 */
+-					if (!chaining && external) {
+-						log_formerr(fctx,
+-							    "external DNAME");
+-						return (DNS_R_FORMERR);
+-					}
+ 					found = ISC_TRUE;
+ 					want_chaining = ISC_TRUE;
+ 					POST(want_chaining);
+@@ -7010,9 +7015,7 @@
+ 							&fctx->domain)) {
+ 						return (DNS_R_SERVFAIL);
+ 					}
+-				} else if (rdataset->type == dns_rdatatype_rrsig
+-					   && rdataset->covers ==
+-					   dns_rdatatype_dname) {
++				} else {
+ 					/*
+ 					 * We've found a signature that
+ 					 * covers the DNAME.
-- 
cgit v1.2.1