1 files changed, 0 insertions, 29 deletions

diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch
deleted file mode 100644
index d8769c45cc..0000000000
--- a/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Upstream-Status: Backport [https://downloads.isc.org/isc/bind9/9.11.19/patches/CVE-2020-8617.patch]
-CVE: CVE-2020-8617
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
----
-diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c
-index b597a18d49..6357a3a486 100644
---- a/lib/dns/tsig.c
-+++ b/lib/dns/tsig.c
-@@ -1427,8 +1424,9 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
- 			goto cleanup_context;
- 		}
- 		msg->verified_sig = 1;
--	} else if (tsig.error != dns_tsigerror_badsig &&
--		   tsig.error != dns_tsigerror_badkey) {
-+	} else if (!response || (tsig.error != dns_tsigerror_badsig &&
-+				 tsig.error != dns_tsigerror_badkey))
-+	{
- 		tsig_log(msg->tsigkey, 2, "signature was empty");
- 		return (DNS_R_TSIGVERIFYFAILURE);
- 	}
-@@ -1484,7 +1482,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
- 		}
- 	}
- 
--	if (tsig.error != dns_rcode_noerror) {
-+	if (response && tsig.error != dns_rcode_noerror) {
- 		msg->tsigstatus = tsig.error;
- 		if (tsig.error == dns_tsigerror_badtime)
- 			ret = DNS_R_CLOCKSKEW;