* [Buildroot] [PATCH] bind: security bump to version 9.9.8-P2
@ 2015-12-17 21:43 Gustavo Zacarias
2015-12-17 21:49 ` Thomas Petazzoni
0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2015-12-17 21:43 UTC (permalink / raw)
To: buildroot
Fixes:
Named is potentially vulnerable to the OpenSSL vulnerabilty described in
CVE-2015-3193.
CVE-2015-8461 - Incorrect reference counting could result in an INSIST
failure if a socket error occurred while performing a lookup.
CVE-2015-8000 - Insufficient testing when parsing a message allowed
records with an incorrect class to be be accepted, triggering a REQUIRE
failure when those records were subsequently cached.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/bind/bind.hash | 4 ++--
package/bind/bind.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/bind/bind.hash b/package/bind/bind.hash
index 7f52c55..befc8d7 100644
--- a/package/bind/bind.hash
+++ b/package/bind/bind.hash
@@ -1,2 +1,2 @@
-# Verified from ftp://ftp.isc.org/isc/bind9/9.9.8/bind-9.9.8.tar.gz.sha256.asc
-sha256 643997cdb0dd232a4c9f7c0f1436841fbf325c6b7269e6490bf5f380eda344e3 bind-9.9.8.tar.gz
+# Verified from ftp://ftp.isc.org/isc/bind9/9.9.8-P2/bind-9.9.8-P2.tar.gz.sha256.asc
+sha256 f5841926e19637b93ec0b44b5abfbab2410e692736cf11143d461f656fbdf329 bind-9.9.8-P2.tar.gz
diff --git a/package/bind/bind.mk b/package/bind/bind.mk
index e93b356..0e9a0f4 100644
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@@ -4,7 +4,7 @@
#
################################################################################
-BIND_VERSION = 9.9.8
+BIND_VERSION = 9.9.8-P2
BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
BIND_INSTALL_STAGING = YES
BIND_CONFIG_SCRIPTS = bind9-config isc-config.sh
--
2.4.10
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] bind: security bump to version 9.9.8-P2
2015-12-17 21:43 [Buildroot] [PATCH] bind: security bump to version 9.9.8-P2 Gustavo Zacarias
@ 2015-12-17 21:49 ` Thomas Petazzoni
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2015-12-17 21:49 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Thu, 17 Dec 2015 18:43:55 -0300, Gustavo Zacarias wrote:
> Fixes:
>
> Named is potentially vulnerable to the OpenSSL vulnerabilty described in
> CVE-2015-3193.
>
> CVE-2015-8461 - Incorrect reference counting could result in an INSIST
> failure if a socket error occurred while performing a lookup.
>
> CVE-2015-8000 - Insufficient testing when parsing a message allowed
> records with an incorrect class to be be accepted, triggering a REQUIRE
> failure when those records were subsequently cached.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/bind/bind.hash | 4 ++--
> package/bind/bind.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-12-17 21:49 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-17 21:43 [Buildroot] [PATCH] bind: security bump to version 9.9.8-P2 Gustavo Zacarias
2015-12-17 21:49 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox