On 03/09/2016 03:09 PM, Joshua G Lock wrote:
Hi Mariano,
Thanks for the patch.
On Tue, 2016-03-08 at 10:26 +0000, [email protected] wrote:
From: Mariano Lopez <[email protected]>
ISC DHCP allows remote attackers to cause a denial of
service (application crash) via an invalid length field
in a UDP IPv4 packet.
Signed-off-by: Mariano Lopez <[email protected]>
---
.../dhcp/dhcp/CVE-2015-8605.patch | 99
++++++++++++++++
.../dhcp/dhcp/CVE-2015-8605_1.patch | 131
+++++++++++++++++++++
meta/recipes-connectivity/dhcp/dhcp_4.3.1.bb | 2 +
3 files changed, 232 insertions(+)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2015-
8605.patch
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2015-
8605_1.patch
diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch
b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch
new file mode 100644
index 0000000..923d5d5
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch
@@ -0,0 +1,99 @@
+Solves CVE-2015-8605 that caused DoS when an invalid lenght field in
lenght -> length
IPv4 UDP
+was recived by the server.
+
+Upstream-Status: Backport
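Review bot: the description at the top of this patch header has a second misspelling besides "lenght": "recived" on its last line should read "received". The "Upstream-Status: Backport" line also names no upstream version or commit; stating the upstream release or change each of the two added patch files was taken from would make the backport traceable.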
Can you include some more information about the backport, i.e. the
version the patch was backported from, in the Upstream-Status: field so
that it's easier to determine why this patch isn't required in jethro
and master?
This patch is needed for master and jethro. I've already sent the patch
for them. For fido it is slightly different because it needed 2 patches
instead of one; nevertheless, I will add this information to the patch.
Mariano
--
_______________________________________________
Openembedded-core mailing list
[email protected]
http://lists.openembedded.org/mailman/listinfo/openembedded-core