mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-04 22:39:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d8f22bc239dbf7f89f5ef5031fced48599f564c
poky/meta/recipes-connectivity/bind/bind/CVE-2022-38177.patch
Mathieu Dubois-Briand 4d8f22bc23 bind: Fix CVEs 2022-2795, 2022-38177, 2022-38178 
(From OE-Core rev: 9632481dc14868c0f92572472834a2a0c4f46e2e)

Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-05 08:39:19 +01:00

32 lines
1.0 KiB
Diff
Raw Blame History

From ef3d1a84ff807eea27b4fef601a15932c5ffbfbf Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Thu, 11 Aug 2022 15:15:34 +1000
Subject: [PATCH 2/3] Free eckey on siglen mismatch
Upstream-Status: Backport
CVE: CVE-2022-38177
Reference to upstream patch:
https://gitlab.isc.org/isc-projects/bind9/-/commit/5b2282afff760b1ed3471f6666bdfe8e1d34e590
Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
---
lib/dns/opensslecdsa_link.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
index 83b5b51cd78c..7576e04ac635 100644
--- a/lib/dns/opensslecdsa_link.c
+++ b/lib/dns/opensslecdsa_link.c
@@ -224,7 +224,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
siglen = DNS_SIG_ECDSA384SIZE;
if (sig->length != siglen)
- return (DST_R_VERIFYFAILURE);
+ DST_RET(DST_R_VERIFYFAILURE);
if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &dgstlen))
DST_RET (dst__openssl_toresult3(dctx->category,
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink