diff options
Diffstat (limited to 'meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch')
-rw-r--r-- | meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch b/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch deleted file mode 100644 index d8769c45cc..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2020-8617.patch +++ /dev/null @@ -1,29 +0,0 @@ -Upstream-Status: Backport [https://downloads.isc.org/isc/bind9/9.11.19/patches/CVE-2020-8617.patch] -CVE: CVE-2020-8617 -Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> ---- -diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c -index b597a18d49..6357a3a486 100644 ---- a/lib/dns/tsig.c -+++ b/lib/dns/tsig.c -@@ -1427,8 +1424,9 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, - goto cleanup_context; - } - msg->verified_sig = 1; -- } else if (tsig.error != dns_tsigerror_badsig && -- tsig.error != dns_tsigerror_badkey) { -+ } else if (!response || (tsig.error != dns_tsigerror_badsig && -+ tsig.error != dns_tsigerror_badkey)) -+ { - tsig_log(msg->tsigkey, 2, "signature was empty"); - return (DNS_R_TSIGVERIFYFAILURE); - } -@@ -1484,7 +1482,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, - } - } - -- if (tsig.error != dns_rcode_noerror) { -+ if (response && tsig.error != dns_rcode_noerror) { - msg->tsigstatus = tsig.error; - if (tsig.error == dns_tsigerror_badtime) - ret = DNS_R_CLOCKSKEW; |