From 7e0d217559d6b6bde934c09692042bbad01a5c28 Mon Sep 17 00:00:00 2001 From: Ralph Siemsen Date: Thu, 31 Mar 2022 11:06:51 -0400 Subject: [PATCH] bind: update to 9.11.37 Security Fixes The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. (CVE-2021-25220) License-Update: copyright years (From OE-Core rev: 58aea0c02bb101dbb378afb578b70b8730cce6fd) Signed-off-by: Ralph Siemsen Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie --- .../bind/{bind_9.11.36.bb => bind_9.11.37.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-connectivity/bind/{bind_9.11.36.bb => bind_9.11.37.bb} (97%) diff --git a/meta/recipes-connectivity/bind/bind_9.11.36.bb b/meta/recipes-connectivity/bind/bind_9.11.37.bb similarity index 97% rename from meta/recipes-connectivity/bind/bind_9.11.36.bb rename to meta/recipes-connectivity/bind/bind_9.11.37.bb index 872baf6d2f..afc8cf0b3b 100644 --- a/meta/recipes-connectivity/bind/bind_9.11.36.bb +++ b/meta/recipes-connectivity/bind/bind_9.11.37.bb @@ -4,7 +4,7 @@ DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" SECTION = "console/network" LICENSE = "ISC & BSD" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=b88e7ca5f21908e1b2720169f6807cf6" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=89a97ebbf713f7125fe5c02223d3ae95" DEPENDS = "openssl libcap zlib" @@ -21,7 +21,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "c953fcb6703b395aaa53e65ff8b2869b69a5303dd60507cba2201305e1811681" +SRC_URI[sha256sum] = "0d8efbe7ec166ada90e46add4267b7e7c934790cba9bd5af6b8380a4fbfb5aff" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4