From: akuster808 <akuster808@gmail.com>
To: Adrian Bunk <bunk@stusta.de>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] bind: Whitelist CVE-2019-6470
Date: Sun, 17 Nov 2019 08:14:57 -0800
Message-ID: <f1fd7ccf-e5c0-ca95-0390-d6fef323686d@gmail.com>
In-Reply-To: <20191115214605.GA17923@localhost>
On 11/15/19 1:46 PM, Adrian Bunk wrote:
> On Thu, Nov 14, 2019 at 07:18:28AM -0800, akuster808 wrote:
>>
>> On 11/14/19 4:51 AM, Adrian Bunk wrote:
>>> On Thu, Nov 14, 2019 at 12:04:40PM +0000, Ross Burton wrote:
>>>> On 13/11/2019 08:19, Adrian Bunk wrote:
>>>>> +# Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later
>>>>> +CVE_CHECK_WHITELIST += "CVE-2019-6470"
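Review bot: the comment above the CVE_CHECK_WHITELIST line names the affected combination (dhcpd before 4.4.1 built against BIND 9.11.2 or later) but does not say why the bind recipe may ignore the CVE. Add the reasoning to the comment itself, i.e. which component the affected builds belong to and what condition makes the entry valid, so a later reader can tell when the whitelist entry should be dropped.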
>>>> Can you be a bit more explicit about why this is whitelisted?
>>> Something like
>>> BIND >= 9.11.2 need dhcpd >= 4.4.1, don't report it here since
>>> dhcpd is already recent enough.
>> Actually, checking isc dhcp sources, it appears the fix is sitting in
>> master and has not been merged to any of the stable branches. I have not
>> had the time to unpack and check in an OE env to validate that.
>>
>> Have you done that?
> At what commit are you looking?
https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=abacf8ad0d8844685e5cd76645a34ef2b8da3253
And like I said "it appears" and I always verify with what sources get
unpacked. I finally got around to doing that this morning and the
dhcp does have this fix.
-armin
>
> rt46719 was merged in 2017, actually before 4.4.0.
>
>> - Armin
> cu
> Adrian
>
Thread overview: 8+ messages
2019-11-13 8:19 [PATCH] bind: Whitelist CVE-2019-6470 Adrian Bunk
2019-11-14 12:04 ` Ross Burton
2019-11-14 12:51 ` Adrian Bunk
2019-11-14 13:16 ` Ross Burton
2019-11-18 14:04 ` Adrian Bunk
2019-11-14 15:18 ` akuster808
2019-11-15 21:46 ` Adrian Bunk
2019-11-17 16:14 ` akuster808 [this message]