upstream/oracle/userland-gate: components/bind/patches/002-RT40046.patch@20f6eb6fe1fc

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help


This patch was obtained from ISC for 9.6-ESV-R11-P2. The patch can
only be obtained from [email protected] on an as needed
basis.

--- a/CHANGES	Thu Jul 23 10:45:58 2015
+++ b/CHANGES	Thu Jul 23 10:45:58 2015
@@ -1,3 +1,9 @@
+	--- 9.6-ESV-R11-P2 released ---
+
+4165.	[security]	A failure to reset a value to NULL in tkey.c could
+			result in an assertion failure. (CVE-2015-5477)
+			[RT #40046]
+
 	--- 9.6-ESV-R11-P1 released ---
 
 4006.	[security]	A flaw in delegation handling could be exploited
diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c
index 66210d5..34ad90b 100644
--- a/lib/dns/tkey.c
+++ b/lib/dns/tkey.c
@@ -654,6 +654,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
 		 * Try the answer section, since that's where Win2000
 		 * puts it.
 		 */
+		name = NULL;
 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
 					 dns_rdatatype_tkey, 0, &name,
 					 &tkeyset) != ISC_R_SUCCESS) {
diff --git version version
index 1be3c16..2058444 100644
--- a/version
+++ b/version
@@ -10,4 +10,4 @@ MINORVER=6
 PATCHVER=
 RELEASETYPE=-ESV
 RELEASEVER=-R11
-EXTENSIONS=-P1
+EXTENSIONS=-P2

author	Stacy Yeh <stacy.yeh@oracle.com>
	Mon, 31 Aug 2015 13:48:06 -0700
changeset 4831	20f6eb6fe1fc
parent 4707	fe1e5f43abc3
permissions	-rw-r--r--