Hi Mariano, Thanks for the patch.
On Tue, 2016-03-08 at 10:26 +0000, mariano.lo...@linux.intel.com wrote: > From: Mariano Lopez <mariano.lo...@linux.intel.com> > > ISC DHCP allows remote attackers to cause a denial of > service (application crash) via an invalid length field > in a UDP IPv4 packet. > > Signed-off-by: Mariano Lopez <mariano.lo...@linux.intel.com> > --- > .../dhcp/dhcp/CVE-2015-8605.patch | 99 > ++++++++++++++++ > .../dhcp/dhcp/CVE-2015-8605_1.patch | 131 > +++++++++++++++++++++ > meta/recipes-connectivity/dhcp/dhcp_4.3.1.bb | 2 + > 3 files changed, 232 insertions(+) > create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2015- > 8605.patch > create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2015- > 8605_1.patch > > diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch > b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch > new file mode 100644 > index 0000000..923d5d5 > --- /dev/null > +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch > @@ -0,0 +1,99 @@ > +Solves CVE-2015-8605 that caused DoS when an invalid lenght field in lenght -> length > IPv4 UDP > +was recived by the server. > + > +Upstream-Status: Backport Can you include some more information about the backport, i.e. the version the patch was backported from, in the Upstream-Status: field so that it's easier to determine why this patch isn't required in jethro and master? > +CVE: CVE-2015-8605 > + > +Signed-off-by: Mariano Lopez <mariano.lo...@linux.intel.com> > + > +==================================================================== > === > +diff --git a/common/packet.c b/common/packet.c <snip> > new file mode 100644 > index 0000000..37a3d72 > --- /dev/null > +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch > @@ -0,0 +1,131 @@ > +This patch is needed for the CVE-2015-8605 that caused DoS when an > invalid lenght field in IPv4 UDP lenght -> length > +was recived by the server. recived -> received > + > +Upstream-Status: Backport Same again, what version was this backported from? Thanks, Joshua -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core