net/krill: Update to 0.12.1

ChangeLog: https://www.nlnetlabs.nl/news/2023/Jan/17/krill.0.12.1-released/

Firstly, this release fixes
[CVE-2023-0158](https://nlnetlabs.nl/downloads/routinator/CVE-2023-0158.txt)

Secondly, locking was added in this release to ensure that updates
to the repository content are always applied sequentially. This
fixes a concurrency issue introduced in Krill 0.12.0 that could
result in rejecting an update from a publishing CA.

PR:		269050
Reported by:	jaap@NLnetLabs.nl (maintainer)
MFH:		2023Q1 (security fix)
Security:	CVE-2023-0158

(cherry picked from commit bb104a8ee1)
This commit is contained in:
Jaap Akkerhuis 2023-01-21 18:10:44 +01:00 committed by Fernando Apesteguía
parent abda034c4a
commit 53a33b8879
3 changed files with 278 additions and 277 deletions

View File

@ -1,7 +1,6 @@
PORTNAME= krill
DISTVERSIONPREFIX= v
DISTVERSION= 0.12.0
PORTREVISION= 2
DISTVERSION= 0.12.1
CATEGORIES= net
MAINTAINER= jaap@NLnetLabs.nl
@ -24,278 +23,6 @@ USE_RC_SUBR= ${PORTNAME}
USERS= ${PORTNAME}
GROUPS= ${PORTNAME}
CARGO_CRATES= addr2line-0.17.0 \
adler-1.0.2 \
adler32-1.2.0 \
aho-corasick-0.7.18 \
android_system_properties-0.1.5 \
ansi_term-0.12.1 \
ascii-1.0.0 \
ascii-canvas-3.0.0 \
atty-0.2.14 \
autocfg-1.1.0 \
backoff-0.3.0 \
backtrace-0.3.66 \
base64-0.13.0 \
basic-cookies-0.1.4 \
bcder-0.7.0 \
bit-set-0.5.2 \
bit-vec-0.6.3 \
bitflags-1.3.2 \
block-buffer-0.9.0 \
block-buffer-0.10.2 \
bumpalo-3.10.0 \
bytes-1.1.0 \
cc-1.0.73 \
cfg-if-1.0.0 \
chrono-0.4.22 \
chunked_transfer-1.4.0 \
cipher-0.2.5 \
clap-2.34.0 \
codespan-reporting-0.11.1 \
core-foundation-0.9.3 \
core-foundation-sys-0.8.3 \
cpufeatures-0.2.2 \
crc32fast-1.3.2 \
crunchy-0.2.2 \
crypto-common-0.1.6 \
crypto-mac-0.10.1 \
cryptoki-0.3.0 \
cryptoki-sys-0.1.4 \
ctrlc-3.2.2 \
cxx-1.0.79 \
cxx-build-1.0.79 \
cxxbridge-flags-1.0.79 \
cxxbridge-macro-1.0.79 \
derivative-2.2.0 \
deunicode-0.4.3 \
diff-0.1.13 \
digest-0.9.0 \
digest-0.10.3 \
dirs-next-2.0.0 \
dirs-sys-next-0.1.2 \
either-1.7.0 \
ena-0.14.0 \
encoding_rs-0.8.31 \
enum-display-derive-0.1.1 \
enum-flags-0.1.8 \
error-chain-0.11.0 \
fastrand-1.7.0 \
fern-0.5.9 \
fixedbitset-0.4.2 \
fnv-1.0.7 \
foreign-types-0.3.2 \
foreign-types-shared-0.1.1 \
form_urlencoded-1.0.1 \
fslock-0.2.1 \
futures-0.3.21 \
futures-channel-0.3.21 \
futures-core-0.3.21 \
futures-executor-0.3.21 \
futures-io-0.3.21 \
futures-macro-0.3.21 \
futures-sink-0.3.21 \
futures-task-0.3.21 \
futures-util-0.3.21 \
generic-array-0.14.5 \
getrandom-0.2.7 \
gimli-0.26.2 \
h2-0.3.13 \
hashbrown-0.12.3 \
hermit-abi-0.1.19 \
hex-0.4.3 \
hmac-0.10.1 \
http-0.2.8 \
http-body-0.4.5 \
httparse-1.7.1 \
httpdate-1.0.2 \
hyper-0.14.20 \
hyper-tls-0.5.0 \
iana-time-zone-0.1.51 \
iana-time-zone-haiku-0.1.1 \
idna-0.2.3 \
impl-trait-for-tuples-0.2.2 \
indexmap-1.9.1 \
instant-0.1.12 \
intervaltree-0.2.7 \
ipnet-2.5.0 \
itertools-0.10.3 \
itoa-1.0.2 \
jmespatch-0.3.0 \
js-sys-0.3.58 \
kmip-protocol-0.4.2 \
kmip-ttlv-0.3.3 \
lalrpop-0.19.8 \
lalrpop-util-0.19.8 \
lazy_static-1.4.0 \
libc-0.2.126 \
libflate-1.2.0 \
libflate_lz77-1.1.0 \
libloading-0.7.3 \
link-cplusplus-1.0.7 \
lock_api-0.4.7 \
log-0.4.17 \
maplit-1.0.2 \
matchers-0.0.1 \
matches-0.1.9 \
maybe-async-0.2.6 \
memchr-2.5.0 \
mime-0.3.16 \
miniz_oxide-0.5.3 \
mio-0.8.4 \
native-tls-0.2.10 \
new_debug_unreachable-1.0.4 \
nix-0.24.2 \
num-bigint-0.4.3 \
num-integer-0.1.45 \
num-traits-0.2.15 \
num_cpus-1.13.1 \
oauth2-4.2.3 \
object-0.29.0 \
once_cell-1.13.0 \
opaque-debug-0.3.0 \
openidconnect-2.3.2 \
openssl-0.10.41 \
openssl-macros-0.1.0 \
openssl-probe-0.1.5 \
openssl-sys-0.9.75 \
ordered-float-2.10.0 \
oso-0.12.4 \
parking_lot-0.12.1 \
parking_lot_core-0.9.3 \
pbkdf2-0.7.5 \
percent-encoding-2.1.0 \
petgraph-0.6.2 \
phf_shared-0.10.0 \
pico-args-0.4.2 \
pin-project-lite-0.2.9 \
pin-utils-0.1.0 \
pkg-config-0.3.25 \
polar-core-0.12.4 \
ppv-lite86-0.2.16 \
precomputed-hash-0.1.1 \
priority-queue-1.2.2 \
proc-macro2-1.0.40 \
quick-xml-0.23.0 \
quote-1.0.20 \
r2d2-0.8.10 \
rand-0.8.5 \
rand_chacha-0.3.1 \
rand_core-0.6.3 \
redox_syscall-0.2.13 \
redox_users-0.4.3 \
regex-1.6.0 \
regex-automata-0.1.10 \
regex-syntax-0.6.27 \
remove_dir_all-0.5.3 \
reqwest-0.11.11 \
ring-0.16.20 \
rle-decode-fast-1.0.3 \
routecore-0.2.0 \
rpassword-5.0.1 \
rpki-0.15.8 \
rustc-demangle-0.1.21 \
rustc_version-0.4.0 \
rustls-0.19.1 \
rustversion-1.0.8 \
ryu-1.0.10 \
salsa20-0.7.2 \
schannel-0.1.20 \
scheduled-thread-pool-0.2.6 \
scopeguard-1.1.0 \
scratch-1.0.2 \
scrypt-0.6.5 \
sct-0.6.1 \
security-framework-2.6.1 \
security-framework-sys-2.6.1 \
semver-1.0.12 \
serde-1.0.139 \
serde-value-0.7.0 \
serde_bytes-0.11.6 \
serde_derive-1.0.139 \
serde_json-1.0.82 \
serde_path_to_error-0.1.7 \
serde_urlencoded-0.7.1 \
sha2-0.9.9 \
sha2-0.10.2 \
sharded-slab-0.1.4 \
signal-hook-registry-1.4.0 \
siphasher-0.3.10 \
slab-0.4.6 \
slug-0.1.4 \
smallvec-1.9.0 \
socket2-0.4.4 \
spin-0.5.2 \
string_cache-0.8.4 \
strsim-0.8.0 \
subtle-2.4.1 \
syn-1.0.98 \
syslog-4.0.1 \
target-lexicon-0.12.4 \
tempfile-3.3.0 \
term-0.7.0 \
termcolor-1.1.3 \
textwrap-0.11.0 \
thiserror-1.0.31 \
thiserror-impl-1.0.31 \
thread_local-1.1.4 \
time-0.1.44 \
tiny-keccak-2.0.2 \
tiny_http-0.8.2 \
tinyvec-1.6.0 \
tinyvec_macros-0.1.0 \
tokio-1.20.0 \
tokio-macros-1.8.0 \
tokio-native-tls-0.3.0 \
tokio-rustls-0.22.0 \
tokio-util-0.7.3 \
toml-0.5.9 \
tower-service-0.3.2 \
tracing-0.1.35 \
tracing-attributes-0.1.22 \
tracing-core-0.1.28 \
tracing-log-0.1.3 \
tracing-serde-0.1.3 \
tracing-subscriber-0.2.25 \
trait-set-0.2.0 \
try-lock-0.2.3 \
typenum-1.15.0 \
unicode-bidi-0.3.8 \
unicode-ident-1.0.2 \
unicode-normalization-0.1.21 \
unicode-width-0.1.9 \
unicode-xid-0.2.3 \
untrusted-0.7.1 \
url-2.2.2 \
urlparse-0.7.3 \
uuid-1.1.2 \
valuable-0.1.0 \
vcpkg-0.2.15 \
vec_map-0.8.2 \
version_check-0.9.4 \
want-0.3.0 \
wasi-0.10.0+wasi-snapshot-preview1 \
wasi-0.11.0+wasi-snapshot-preview1 \
wasm-bindgen-0.2.81 \
wasm-bindgen-backend-0.2.81 \
wasm-bindgen-futures-0.4.31 \
wasm-bindgen-macro-0.2.81 \
wasm-bindgen-macro-support-0.2.81 \
wasm-bindgen-shared-0.2.81 \
web-sys-0.3.58 \
webpki-0.21.4 \
winapi-0.3.9 \
winapi-i686-pc-windows-gnu-0.4.0 \
winapi-util-0.1.5 \
winapi-x86_64-pc-windows-gnu-0.4.0 \
windows-sys-0.36.1 \
windows_aarch64_msvc-0.36.1 \
windows_i686_gnu-0.36.1 \
windows_i686_msvc-0.36.1 \
windows_x86_64_gnu-0.36.1 \
windows_x86_64_msvc-0.36.1 \
winreg-0.10.1
post-install:
${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/krill
${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/krillc

272
net/krill/Makefile.crates Normal file
View File

@ -0,0 +1,272 @@
CARGO_CRATES= addr2line-0.17.0 \
adler-1.0.2 \
adler32-1.2.0 \
aho-corasick-0.7.18 \
android_system_properties-0.1.5 \
ansi_term-0.12.1 \
ascii-1.0.0 \
ascii-canvas-3.0.0 \
atty-0.2.14 \
autocfg-1.1.0 \
backoff-0.3.0 \
backtrace-0.3.66 \
base64-0.13.0 \
basic-cookies-0.1.4 \
bcder-0.7.0 \
bit-set-0.5.2 \
bit-vec-0.6.3 \
bitflags-1.3.2 \
block-buffer-0.9.0 \
block-buffer-0.10.2 \
bumpalo-3.10.0 \
bytes-1.1.0 \
cc-1.0.73 \
cfg-if-1.0.0 \
chrono-0.4.22 \
chunked_transfer-1.4.0 \
cipher-0.2.5 \
clap-2.34.0 \
codespan-reporting-0.11.1 \
core-foundation-0.9.3 \
core-foundation-sys-0.8.3 \
cpufeatures-0.2.2 \
crc32fast-1.3.2 \
crunchy-0.2.2 \
crypto-common-0.1.6 \
crypto-mac-0.10.1 \
cryptoki-0.3.0 \
cryptoki-sys-0.1.4 \
ctrlc-3.2.2 \
cxx-1.0.79 \
cxx-build-1.0.79 \
cxxbridge-flags-1.0.79 \
cxxbridge-macro-1.0.79 \
derivative-2.2.0 \
deunicode-0.4.3 \
diff-0.1.13 \
digest-0.9.0 \
digest-0.10.3 \
dirs-next-2.0.0 \
dirs-sys-next-0.1.2 \
either-1.7.0 \
ena-0.14.0 \
encoding_rs-0.8.31 \
enum-display-derive-0.1.1 \
enum-flags-0.1.8 \
error-chain-0.11.0 \
fastrand-1.7.0 \
fern-0.5.9 \
fixedbitset-0.4.2 \
fnv-1.0.7 \
foreign-types-0.3.2 \
foreign-types-shared-0.1.1 \
form_urlencoded-1.0.1 \
fslock-0.2.1 \
futures-0.3.21 \
futures-channel-0.3.21 \
futures-core-0.3.21 \
futures-executor-0.3.21 \
futures-io-0.3.21 \
futures-macro-0.3.21 \
futures-sink-0.3.21 \
futures-task-0.3.21 \
futures-util-0.3.21 \
generic-array-0.14.5 \
getrandom-0.2.7 \
gimli-0.26.2 \
h2-0.3.13 \
hashbrown-0.12.3 \
hermit-abi-0.1.19 \
hex-0.4.3 \
hmac-0.10.1 \
http-0.2.8 \
http-body-0.4.5 \
httparse-1.7.1 \
httpdate-1.0.2 \
hyper-0.14.20 \
hyper-tls-0.5.0 \
iana-time-zone-0.1.51 \
iana-time-zone-haiku-0.1.1 \
idna-0.2.3 \
impl-trait-for-tuples-0.2.2 \
indexmap-1.9.1 \
instant-0.1.12 \
intervaltree-0.2.7 \
ipnet-2.5.0 \
itertools-0.10.3 \
itoa-1.0.2 \
jmespatch-0.3.0 \
js-sys-0.3.58 \
kmip-protocol-0.4.2 \
kmip-ttlv-0.3.3 \
lalrpop-0.19.8 \
lalrpop-util-0.19.8 \
lazy_static-1.4.0 \
libc-0.2.126 \
libflate-1.2.0 \
libflate_lz77-1.1.0 \
libloading-0.7.3 \
link-cplusplus-1.0.7 \
lock_api-0.4.7 \
log-0.4.17 \
maplit-1.0.2 \
matchers-0.0.1 \
matches-0.1.9 \
maybe-async-0.2.6 \
memchr-2.5.0 \
mime-0.3.16 \
miniz_oxide-0.5.3 \
mio-0.8.4 \
native-tls-0.2.10 \
new_debug_unreachable-1.0.4 \
nix-0.24.2 \
num-bigint-0.4.3 \
num-integer-0.1.45 \
num-traits-0.2.15 \
num_cpus-1.13.1 \
oauth2-4.2.3 \
object-0.29.0 \
once_cell-1.13.0 \
opaque-debug-0.3.0 \
openidconnect-2.3.2 \
openssl-0.10.41 \
openssl-macros-0.1.0 \
openssl-probe-0.1.5 \
openssl-src-111.22.0+1.1.1q \
openssl-sys-0.9.75 \
ordered-float-2.10.0 \
oso-0.12.4 \
parking_lot-0.12.1 \
parking_lot_core-0.9.3 \
pbkdf2-0.7.5 \
percent-encoding-2.1.0 \
petgraph-0.6.2 \
phf_shared-0.10.0 \
pico-args-0.4.2 \
pin-project-lite-0.2.9 \
pin-utils-0.1.0 \
pkg-config-0.3.25 \
polar-core-0.12.4 \
ppv-lite86-0.2.16 \
precomputed-hash-0.1.1 \
priority-queue-1.2.2 \
proc-macro2-1.0.40 \
quick-xml-0.23.0 \
quote-1.0.20 \
r2d2-0.8.10 \
rand-0.8.5 \
rand_chacha-0.3.1 \
rand_core-0.6.3 \
redox_syscall-0.2.13 \
redox_users-0.4.3 \
regex-1.6.0 \
regex-automata-0.1.10 \
regex-syntax-0.6.27 \
remove_dir_all-0.5.3 \
reqwest-0.11.11 \
ring-0.16.20 \
rle-decode-fast-1.0.3 \
routecore-0.2.0 \
rpassword-5.0.1 \
rpki-0.15.8 \
rustc-demangle-0.1.21 \
rustc_version-0.4.0 \
rustls-0.19.1 \
rustversion-1.0.8 \
ryu-1.0.10 \
salsa20-0.7.2 \
schannel-0.1.20 \
scheduled-thread-pool-0.2.6 \
scopeguard-1.1.0 \
scratch-1.0.2 \
scrypt-0.6.5 \
sct-0.6.1 \
security-framework-2.6.1 \
security-framework-sys-2.6.1 \
semver-1.0.12 \
serde-1.0.139 \
serde-value-0.7.0 \
serde_bytes-0.11.6 \
serde_derive-1.0.139 \
serde_json-1.0.82 \
serde_path_to_error-0.1.7 \
serde_urlencoded-0.7.1 \
sha2-0.9.9 \
sha2-0.10.2 \
sharded-slab-0.1.4 \
signal-hook-registry-1.4.0 \
siphasher-0.3.10 \
slab-0.4.6 \
slug-0.1.4 \
smallvec-1.9.0 \
socket2-0.4.4 \
spin-0.5.2 \
string_cache-0.8.4 \
strsim-0.8.0 \
subtle-2.4.1 \
syn-1.0.98 \
syslog-4.0.1 \
target-lexicon-0.12.4 \
tempfile-3.3.0 \
term-0.7.0 \
termcolor-1.1.3 \
textwrap-0.11.0 \
thiserror-1.0.31 \
thiserror-impl-1.0.31 \
thread_local-1.1.4 \
time-0.1.44 \
tiny-keccak-2.0.2 \
tiny_http-0.8.2 \
tinyvec-1.6.0 \
tinyvec_macros-0.1.0 \
tokio-1.20.0 \
tokio-macros-1.8.0 \
tokio-native-tls-0.3.0 \
tokio-rustls-0.22.0 \
tokio-util-0.7.3 \
toml-0.5.9 \
tower-service-0.3.2 \
tracing-0.1.35 \
tracing-attributes-0.1.22 \
tracing-core-0.1.28 \
tracing-log-0.1.3 \
tracing-serde-0.1.3 \
tracing-subscriber-0.2.25 \
trait-set-0.2.0 \
try-lock-0.2.3 \
typenum-1.15.0 \
unicode-bidi-0.3.8 \
unicode-ident-1.0.2 \
unicode-normalization-0.1.21 \
unicode-width-0.1.9 \
unicode-xid-0.2.3 \
untrusted-0.7.1 \
url-2.2.2 \
urlparse-0.7.3 \
uuid-1.1.2 \
valuable-0.1.0 \
vcpkg-0.2.15 \
vec_map-0.8.2 \
version_check-0.9.4 \
want-0.3.0 \
wasi-0.10.0+wasi-snapshot-preview1 \
wasi-0.11.0+wasi-snapshot-preview1 \
wasm-bindgen-0.2.81 \
wasm-bindgen-backend-0.2.81 \
wasm-bindgen-futures-0.4.31 \
wasm-bindgen-macro-0.2.81 \
wasm-bindgen-macro-support-0.2.81 \
wasm-bindgen-shared-0.2.81 \
web-sys-0.3.58 \
webpki-0.21.4 \
winapi-0.3.9 \
winapi-i686-pc-windows-gnu-0.4.0 \
winapi-util-0.1.5 \
winapi-x86_64-pc-windows-gnu-0.4.0 \
windows-sys-0.36.1 \
windows_aarch64_msvc-0.36.1 \
windows_i686_gnu-0.36.1 \
windows_i686_msvc-0.36.1 \
windows_x86_64_gnu-0.36.1 \
windows_x86_64_msvc-0.36.1 \
winreg-0.10.1

View File

@ -1,4 +1,4 @@
TIMESTAMP = 1668451838
TIMESTAMP = 1673983339
SHA256 (rust/crates/addr2line-0.17.0.crate) = b9ecd88a8c8378ca913a680cd98f0f13ac67383d35993f86c90a70e3f137816b
SIZE (rust/crates/addr2line-0.17.0.crate) = 32260
SHA256 (rust/crates/adler-1.0.2.crate) = f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe
@ -267,6 +267,8 @@ SHA256 (rust/crates/openssl-macros-0.1.0.crate) = b501e44f11665960c7e7fcf062c7d9
SIZE (rust/crates/openssl-macros-0.1.0.crate) = 5566
SHA256 (rust/crates/openssl-probe-0.1.5.crate) = ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf
SIZE (rust/crates/openssl-probe-0.1.5.crate) = 7227
SHA256 (rust/crates/openssl-src-111.22.0+1.1.1q.crate) = 8f31f0d509d1c1ae9cada2f9539ff8f37933831fd5098879e482aa687d659853
SIZE (rust/crates/openssl-src-111.22.0+1.1.1q.crate) = 5103224
SHA256 (rust/crates/openssl-sys-0.9.75.crate) = e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f
SIZE (rust/crates/openssl-sys-0.9.75.crate) = 60028
SHA256 (rust/crates/ordered-float-2.10.0.crate) = 7940cf2ca942593318d07fcf2596cdca60a85c9e7fab408a5e21a4f9dcd40d87
@ -541,5 +543,5 @@ SHA256 (rust/crates/windows_x86_64_msvc-0.36.1.crate) = c811ca4a8c853ef420abd859
SIZE (rust/crates/windows_x86_64_msvc-0.36.1.crate) = 661999
SHA256 (rust/crates/winreg-0.10.1.crate) = 80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d
SIZE (rust/crates/winreg-0.10.1.crate) = 25725
SHA256 (NLnetLabs-krill-v0.12.0_GH0.tar.gz) = 972cebafb3548388775ba2bdd6782060fda6c4ff19ffe3ce467ef0214c8d7fdf
SIZE (NLnetLabs-krill-v0.12.0_GH0.tar.gz) = 13972218
SHA256 (NLnetLabs-krill-v0.12.1_GH0.tar.gz) = 4a4281280c386ccca8c59b9d1a99b4cfef54f0202a561eb2cf2049849791d048
SIZE (NLnetLabs-krill-v0.12.1_GH0.tar.gz) = 13974726