Site Navigation

Date:      Fri, 26 Apr 2019 11:03:34 -0700
From:      Cy Schubert <Cy.Schubert@cschubert.com>
To:        Mathieu Arnold <mat@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r499959 - in head/dns/bind914: . files
Message-ID:  <B1B31D4E-DBB7-4221-B56B-D4D461342400@cschubert.com>
In-Reply-To: <201904250717.x3P7HKo8018898@repo.freebsd.org>
References:  <201904250717.x3P7HKo8018898@repo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On April 25, 2019 12:17:20 AM PDT, Mathieu Arnold <mat@FreeBSD=2Eorg> wrote=
:
>Author: mat
>Date: Thu Apr 25 07:17:20 2019
>New Revision: 499959
>URL: https://svnweb=2Efreebsd=2Eorg/changeset/ports/499959
>
>Log:
>  Update to BIND9 9=2E14=2E1=2E
> =20
>  MFH:		2019Q2
>  Security:	CVE-2018-5743, CVE-2019-6467
>
>Modified:
>  head/dns/bind914/Makefile   (contents, props changed)
>  head/dns/bind914/distinfo   (contents, props changed)
>head/dns/bind914/files/extrapatch-bind-min-override-ttl   (contents,
>props changed)
>head/dns/bind914/files/extrapatch-bind-tools   (contents, props
>changed)
>  head/dns/bind914/files/patch-configure   (contents, props changed)
>  head/dns/bind914/pkg-plist   (contents, props changed)
>
>Modified: head/dns/bind914/Makefile
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/Makefile	Thu Apr 25 07:17:17 2019	(r499958)
>+++ head/dns/bind914/Makefile	Thu Apr 25 07:17:20 2019	(r499959)
>@@ -8,7 +8,7 @@ PORTVERSION=3D	${ISCVERSION:S/-P/P/:S/b/=2Eb/:S/a/=2Ea/:S=
/rc
> PORTREVISION=3D	0
> =2Eelse
> # dns/bind914 here
>-PORTREVISION=3D	1
>+PORTREVISION=3D	0
> =2Eendif
> CATEGORIES=3D	dns net ipv6
> MASTER_SITES=3D	ISC/bind9/${ISCVERSION}
>@@ -36,7 +36,7 @@ RUN_DEPENDS=3D	bind-tools>0:dns/bind-tools
>=20
> USES=3D	compiler:c11 cpe libedit ssl
> # ISC releases things like 9=2E8=2E0-P1, which our versioning doesn't li=
ke
>-ISCVERSION=3D	9=2E14=2E0
>+ISCVERSION=3D	9=2E14=2E1
>=20
> CPE_VENDOR=3D	isc
> CPE_VERSION=3D	${ISCVERSION:C/-=2E*//}
>
>Modified: head/dns/bind914/distinfo
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/distinfo	Thu Apr 25 07:17:17 2019	(r499958)
>+++ head/dns/bind914/distinfo	Thu Apr 25 07:17:20 2019	(r499959)
>@@ -1,3 +1,3 @@
>-TIMESTAMP =3D 1553504518
>-SHA256 (bind-9=2E14=2E0=2Etar=2Egz) =3D
>4edd459830bb97f749e25a5d42a2a4a093d7800e9962fca4300996cf7ea680af
>-SIZE (bind-9=2E14=2E0=2Etar=2Egz) =3D 6290135
>+TIMESTAMP =3D 1556117981
>+SHA256 (bind-9=2E14=2E1=2Etar=2Egz) =3D
>c3c7485d900a03271a9918a071c123e8951871a219f4c1c4383e37717f11db48
>+SIZE (bind-9=2E14=2E1=2Etar=2Egz) =3D 6235968
>
>Modified: head/dns/bind914/files/extrapatch-bind-min-override-ttl
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/files/extrapatch-bind-min-override-ttl	Thu Apr 25
>07:17:17 2019	(r499958)
>+++ head/dns/bind914/files/extrapatch-bind-min-override-ttl	Thu Apr 25
>07:17:20 2019	(r499959)
>@@ -1,4 +1,4 @@
>---- bin/named/config=2Ec=2Eorig	2019-03-13 02:03:34 UTC
>+--- bin/named/config=2Ec=2Eorig	2019-04-06 20:09:59 UTC
> +++ bin/named/config=2Ec
> @@ -179,6 +179,7 @@ options {\n\
>  	notify-source *;\n\
>@@ -8,9 +8,9 @@
>  	provide-ixfr true;\n\
>  	qname-minimization relaxed;\n\
>  	query-source address *;\n\
>---- bin/named/server=2Ec=2Eorig	2019-03-13 02:03:34 UTC
>+--- bin/named/server=2Ec=2Eorig	2019-04-06 20:09:59 UTC
> +++ bin/named/server=2Ec
>-@@ -4162,6 +4162,11 @@ configure_view(dns_view_t *view, dns_viewlist_t
>*viewl
>+@@ -4178,6 +4178,11 @@ configure_view(dns_view_t *view, dns_viewlist_t
>*viewl
>  	}
> =20
>  	obj =3D NULL;
>@@ -22,7 +22,7 @@
>  	result =3D named_config_get(maps, "max-cache-ttl", &obj);
>  	INSIST(result =3D=3D ISC_R_SUCCESS);
>  	view->maxcachettl =3D cfg_obj_asuint32(obj);
>---- lib/dns/include/dns/view=2Eh=2Eorig	2019-03-13 02:03:34 UTC
>+--- lib/dns/include/dns/view=2Eh=2Eorig	2019-04-06 20:09:59 UTC
> +++ lib/dns/include/dns/view=2Eh
> @@ -153,6 +153,7 @@ struct dns_view {
>  	bool			requestnsid;
>@@ -32,9 +32,9 @@
>  	dns_ttl_t			maxncachettl;
>  	dns_ttl_t			mincachettl;
>  	dns_ttl_t			minncachettl;
>---- lib/dns/resolver=2Ec=2Eorig	2019-03-13 02:03:34 UTC
>+--- lib/dns/resolver=2Ec=2Eorig	2019-04-06 20:09:59 UTC
> +++ lib/dns/resolver=2Ec
>-@@ -6009,6 +6009,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name,
>dns_adb
>+@@ -6013,6 +6013,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name,
>dns_adb
>  		}
> =20
>  		/*
>@@ -47,9 +47,9 @@
>  		 * Enforce the configure maximum cache TTL=2E
>  		 */
>  		if (rdataset->ttl > res->view->maxcachettl) {
>---- lib/isccfg/namedconf=2Ec=2Eorig	2019-03-13 02:03:34 UTC
>+--- lib/isccfg/namedconf=2Ec=2Eorig	2019-04-06 20:09:59 UTC
> +++ lib/isccfg/namedconf=2Ec
>-@@ -1899,6 +1899,7 @@ view_clauses[] =3D {
>+@@ -1901,6 +1901,7 @@ view_clauses[] =3D {
>  #endif
>	{ "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE
>},
>  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
>
>Modified: head/dns/bind914/files/extrapatch-bind-tools
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/files/extrapatch-bind-tools	Thu Apr 25 07:17:17
>2019	(r499958)
>+++ head/dns/bind914/files/extrapatch-bind-tools	Thu Apr 25 07:17:20
>2019	(r499959)
>@@ -1,6 +1,6 @@
> Only select the "tools" part of bind for building=2E
>=20
>---- Makefile=2Ein=2Eorig	2019-03-20 05:57:56 UTC
>+--- Makefile=2Ein=2Eorig	2019-04-06 20:09:59 UTC
> +++ Makefile=2Ein
> @@ -14,7 +14,7 @@ top_builddir =3D  @top_builddir@
> =20
>@@ -27,9 +27,9 @@ Only select the "tools" part of bind for building=2E
> =20
>  uninstall::
>  	rm -f ${DESTDIR}${sysconfdir}/bind=2Ekeys
>---- bin/Makefile=2Ein=2Eorig	2019-03-20 05:57:56 UTC
>+--- bin/Makefile=2Ein=2Eorig	2019-04-06 20:09:59 UTC
> +++ bin/Makefile=2Ein
>-@@ -11,7 +11,7 @@ srcdir =3D	@srcdir@
>+@@ -11,8 +11,8 @@ srcdir =3D	@srcdir@
>  VPATH =3D		@srcdir@
>  top_srcdir =3D	@top_srcdir@
> =20
>@@ -39,3 +39,4 @@ Only select the "tools" part of bind for building=2E
> +		@NZD_TOOLS@ @PYTHON_TOOLS@
>  TARGETS =3D
> =20
>+ @BIND9_MAKE_RULES@
>
>Modified: head/dns/bind914/files/patch-configure
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/files/patch-configure	Thu Apr 25 07:17:17
>2019	(r499958)
>+++ head/dns/bind914/files/patch-configure	Thu Apr 25 07:17:20
>2019	(r499959)
>@@ -1,6 +1,6 @@
>---- configure=2Eorig	2019-03-13 02:03:34 UTC
>+--- configure=2Eorig	2019-04-06 20:09:59 UTC
> +++ configure
>-@@ -16318,27 +16318,9 @@ done
>+@@ -16317,27 +16317,9 @@ done
>  		# problems start to show up=2E
>  		saved_libs=3D"$LIBS"
>  		for TRY_LIBS in \
>@@ -30,7 +30,7 @@
>		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as
>$TRY_LIBS" >&5
>  $as_echo_n "checking linking as $TRY_LIBS=2E=2E=2E " >&6; }
>  		    cat confdefs=2Eh - <<_ACEOF >conftest=2E$ac_ext
>-@@ -16381,47 +16363,7 @@ $as_echo "no" >&6; } ;;
>+@@ -16380,47 +16362,7 @@ $as_echo "no" >&6; } ;;
>		no) as_fn_error $? "could not determine proper GSSAPI linkage"
>"$LINENO" 5 ;;
>  		esac
> =20
>@@ -79,7 +79,7 @@
>  		DNS_GSSAPI_LIBS=3D"$LIBS"
> =20
>		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from
>$use_gssapi/lib and $use_gssapi/include" >&5
>-@@ -20928,7 +20870,7 @@ $as_echo "" >&6; }
>+@@ -20924,7 +20866,7 @@ $as_echo "" >&6; }
>  			# Check other locations for includes=2E
>  			# Order is important (sigh)=2E
> =20
>
>Modified: head/dns/bind914/pkg-plist
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/dns/bind914/pkg-plist	Thu Apr 25 07:17:17 2019	(r499958)
>+++ head/dns/bind914/pkg-plist	Thu Apr 25 07:17:20 2019	(r499959)
>@@ -36,7 +36,6 @@ include/dns/dns64=2Eh
> include/dns/dnsrps=2Eh
> include/dns/dnssec=2Eh
> include/dns/dnstap=2Eh
>-%%DNSTAP%%include/dns/dnstap=2Epb-c=2Eh
> include/dns/ds=2Eh
> include/dns/dsdigest=2Eh
> include/dns/dyndb=2Eh

Should this and the other bind ports be documented in vuxml? The reason I =
ask is I was showing my manager at $JOB the vuxml site regarding these very=
 CVEs but they are not documented yet=2E

--=20
Pardon the typos and autocorrect, small keyboard in use=2E
Cheers,
Cy Schubert <Cy=2ESchubert@cschubert=2Ecom>
FreeBSD UNIX: <cy@FreeBSD=2Eorg> Web: http://www=2EFreeBSD=2Eorg

	The need of the many outweighs the greed of the few=2E

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B1B31D4E-DBB7-4221-B56B-D4D461342400>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact