bind: update to 9.10.3-P3

Addresses CVE-2015-8704 and CVE-2015-8705

CVE-2015-8704
Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record

CVE-2015-8705:
When debug loggin is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option

[YOCTO 8966]

References:
https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705

Signed-off-by: Ross Burton <ross.burton@intel.com>

diff --git a/meta/recipes-connectivity/bind/bind_9.10.3-P2.bb b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
similarity index 96%
rename from meta/recipes-connectivity/bind/bind_9.10.3-P2.bb
rename to meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
index 875a0c8f8080c3cdb288e2b08316089542a48741..da414c00dab02cea81f7609d6da981897989a162 100644 (file)
--- a/meta/recipes-connectivity/bind/bind_9.10.3-P2.bb
+++ b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
@@ -23,8 +23,8 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
            file://0001-lib-dns-gen.c-fix-too-long-error.patch \
            "
 
-SRC_URI[md5sum] = "672dd3c2796b12ac8440f55bcaecfa82"
-SRC_URI[sha256sum] = "4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd"
+SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a"
+SRC_URI[sha256sum] = "690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83"
 
 ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
 EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \