MFH: r565906 r565907

Update to 9.11.28 & 9.16.12 Security: CVE-2020-8625
svn path=/branches/2021Q1/; revision=565908
2021-02-18 07:06:48 +00:00 · 2021-02-18 07:06:48 +00:00 · f8289eccfa · 2021-03-31 03:12:20 +00:00
parent 04c45bc5e0
commit f8289eccfa
7 changed files with 22 additions and 22 deletions
--- a/dns/bind911/Makefile
+++ b/dns/bind911/Makefile
@ -24,7 +24,7 @@ RUN_DEPENDS=	bind-tools>0:dns/bind-tools
 USES=	cpe libedit pkgconfig

 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.11.27
+ISCVERSION=	9.11.28

 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
--- a/dns/bind911/distinfo
+++ b/dns/bind911/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1611312288
-SHA256 (bind-9.11.27.tar.gz) = 4cf9f244e2ae63fb4cf846b87c89f3f7d15e83c075d65165ef89a8ff1b376702
-SIZE (bind-9.11.27.tar.gz) = 8289413
+TIMESTAMP = 1613395465
+SHA256 (bind-9.11.28.tar.gz) = 1090cbe6caba37c404d1075887da7e5282ae9a2bc6172d722df15cd480975e74
+SIZE (bind-9.11.28.tar.gz) = 8295208
--- a/dns/bind911/files/patch-configure
+++ b/dns/bind911/files/patch-configure
@ -3,7 +3,7 @@
 - Make sure only json-c is detected.
 - Cleanup the BDB discovery code to find more recent versions.

--- configure.orig	2020-11-16 21:14:24 UTC
+--- configure.orig	2021-02-04 13:06:04 UTC
 +++ configure
@@ -15692,27 +15692,9 @@ done
 		# problems start to show up.
@ -124,7 +124,7 @@
 			have_libjson_c="yes"
 		else
 			as_fn_error $? "$use_libjson/include/json{,-c}/json.h not found." "$LINENO" 5
-@@ -24986,7 +24915,7 @@ $as_echo "" >&6; }
+@@ -24987,7 +24916,7 @@ $as_echo "" >&6; }
 			# Check other locations for includes.
 			# Order is important (sigh).
 
--- a/dns/bind916/Makefile
+++ b/dns/bind916/Makefile
@ -41,7 +41,7 @@ RUN_DEPENDS=	bind-tools>0:dns/bind-tools

 USES=		compiler:c11 cpe libedit pkgconfig ssl tar:xz
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.16.11
+ISCVERSION=	9.16.12

 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
--- a/dns/bind916/distinfo
+++ b/dns/bind916/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1611312333
-SHA256 (bind-9.16.11.tar.xz) = 0111f64dd7d8f515cfa129e181cce96ff82070d1b27f11a21f6856110d0699c1
-SIZE (bind-9.16.11.tar.xz) = 5007520
+TIMESTAMP = 1613395604
+SHA256 (bind-9.16.12.tar.xz) = 9914af9311fd349cab441097898d94fb28d0bfd9bf6ed04fe1f97f042644da7f
+SIZE (bind-9.16.12.tar.xz) = 5017756
--- a/dns/bind916/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind916/files/extrapatch-bind-min-override-ttl
@ -1,8 +1,8 @@
 Add the override-cache-ttl feature.

--- bin/named/config.c.orig	2021-01-11 13:23:31 UTC
+--- bin/named/config.c.orig	2021-02-04 11:35:16 UTC
 +++ bin/named/config.c
-@@ -179,6 +179,7 @@ options {\n\
+@@ -180,6 +180,7 @@ options {\n\
 	notify-source *;\n\
 	notify-source-v6 *;\n\
 	nsec3-test-zone no;\n\
@ -10,7 +10,7 @@ Add the override-cache-ttl feature.
 	provide-ixfr true;\n\
 	qname-minimization relaxed;\n\
 	query-source address *;\n\
--- bin/named/server.c.orig	2021-01-11 13:23:31 UTC
+--- bin/named/server.c.orig	2021-02-04 11:35:16 UTC
 +++ bin/named/server.c
@@ -4347,6 +4347,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
 	}
@ -24,7 +24,7 @@ Add the override-cache-ttl feature.
 	result = named_config_get(maps, "max-cache-ttl", &obj);
 	INSIST(result == ISC_R_SUCCESS);
 	view->maxcachettl = cfg_obj_asduration(obj);
--- lib/dns/include/dns/view.h.orig	2021-01-11 13:23:31 UTC
+--- lib/dns/include/dns/view.h.orig	2021-02-04 11:35:16 UTC
 +++ lib/dns/include/dns/view.h
@@ -152,6 +152,7 @@ struct dns_view {
 	bool		      requestnsid;
@ -34,9 +34,9 @@ Add the override-cache-ttl feature.
 	dns_ttl_t	      maxncachettl;
 	dns_ttl_t	      mincachettl;
 	dns_ttl_t	      minncachettl;
--- lib/dns/resolver.c.orig	2021-01-11 13:23:31 UTC
+--- lib/dns/resolver.c.orig	2021-02-04 11:35:16 UTC
 +++ lib/dns/resolver.c
-@@ -6281,6 +6281,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
+@@ -6478,6 +6478,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
 		}
 
 		/*
@ -49,9 +49,9 @@ Add the override-cache-ttl feature.
 		 * Enforce the configure maximum cache TTL.
 		 */
 		if (rdataset->ttl > res->view->maxcachettl) {
--- lib/isccfg/namedconf.c.orig	2021-01-11 13:23:31 UTC
+--- lib/isccfg/namedconf.c.orig	2021-02-04 11:35:16 UTC
 +++ lib/isccfg/namedconf.c
-@@ -2023,6 +2023,7 @@ static cfg_clausedef_t view_clauses[] = {
+@@ -2047,6 +2047,7 @@ static cfg_clausedef_t view_clauses[] = {
 #endif /* ifdef HAVE_LMDB */
 	{ "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE },
 	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
--- a/dns/bind916/files/patch-configure
+++ b/dns/bind916/files/patch-configure
@ -1,8 +1,8 @@
 Fixup gssapi and db detection.

--- configure.orig	2021-01-11 13:23:31 UTC
+--- configure.orig	2021-02-04 11:35:16 UTC
 +++ configure
-@@ -17708,27 +17708,9 @@ done
+@@ -17701,27 +17701,9 @@ done
 		# problems start to show up.
 		saved_libs="$LIBS"
 		for TRY_LIBS in \
@ -32,7 +32,7 @@ Fixup gssapi and db detection.
 		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
 $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
 		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -17771,47 +17753,7 @@ $as_echo "no" >&6; } ;;
+@@ -17764,47 +17746,7 @@ $as_echo "no" >&6; } ;;
 		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
 		esac
 
@ -81,7 +81,7 @@ Fixup gssapi and db detection.
 		DNS_GSSAPI_LIBS="$LIBS"
 
 		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -23227,7 +23169,7 @@ $as_echo "" >&6; }
+@@ -23199,7 +23141,7 @@ $as_echo "" >&6; }
 			# Check other locations for includes.
 			# Order is important (sigh).