Hello community,
here is the log from the commit of package bind for openSUSE:Factory checked in
at 2020-06-24 15:47:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bind (Old)
and /work/SRC/openSUSE:Factory/.bind.new.2956 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bind"
Wed Jun 24 15:47:41 2020 rev:152 rq:815879 version:9.16.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/bind/bind.changes 2020-05-26
17:14:03.503291979 +0200
+++ /work/SRC/openSUSE:Factory/.bind.new.2956/bind.changes 2020-06-24
15:47:45.176131629 +0200
@@ -1,0 +2,26 @@
+Thu Jun 18 06:35:35 UTC 2020 - Josef Möllers <josef.moell...@suse.com>
+
+- Upgrade to version bind-9.16.4
+ Fixing two security problems:
+ * It was possible to trigger an INSIST when determining
+ whether a record would fit into a TCP message buffer.
+ (CVE-2020-8618)
+ * It was possible to trigger an INSIST in
+ lib/dns/rbtdb.c:new_reference() with a particular zone
+ content and query patterns. (CVE-2020-8619)
+ Also the following functional changes:
+ * Reject DS records at the zone apex when loading
+ master files. Log but otherwise ignore attempts to
+ add DS records at the zone apex via UPDATE.
+ * The default value of "max-stale-ttl" has been changed
+ from 1 week to 12 hours.
+ * Zone timers are now exported via statistics channel.
+ Thanks to Paul Frieden, Verizon Media.
+ Added support for idn2 to spec file (Thanks to Holger Bruenjes
+ <holgerbruen...@gmx.net>).
+ More internal changes see the CHANGES file in the source RPM
+ This update obsoletes Makefile.in.diff
+ [bsc#1172958, CVE-2020-8618, CVE-2020-8619, Makefile.in.diff
+ bind.spec]
+
+-------------------------------------------------------------------
Old:
----
Makefile.in.diff
bind-9.16.3.tar.xz
bind-9.16.3.tar.xz.sha512.asc
New:
----
bind-9.16.4.tar.xz
bind-9.16.4.tar.xz.sha512.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bind.spec ++++++
--- /var/tmp/diff_new_pack.L5oJH9/_old 2020-06-24 15:47:47.060138495 +0200
+++ /var/tmp/diff_new_pack.L5oJH9/_new 2020-06-24 15:47:47.064138510 +0200
@@ -60,7 +60,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: bind
-Version: 9.16.3
+Version: 9.16.4
Release: 0
Summary: Domain Name System (DNS) Server (named)
License: MPL-2.0
@@ -79,7 +79,6 @@
Source70: bind.conf
Source71: bind-chrootenv.conf
Source72: named.conf
-Patch1: Makefile.in.diff
Patch51: pie_compile.diff
Patch52: named-bootconf.diff
Patch56: bind-ldapdump-use-valid-host.patch
@@ -95,7 +94,7 @@
BuildRequires: update-desktop-files
BuildRequires: pkgconfig(json)
BuildRequires: pkgconfig(krb5)
-BuildRequires: pkgconfig(libidn)
+BuildRequires: pkgconfig(libidn2)
BuildRequires: pkgconfig(libmaxminddb)
BuildRequires: pkgconfig(libuv)
BuildRequires: pkgconfig(libxml-2.0)
@@ -274,7 +273,6 @@
%prep
%setup -q -a1
-%patch1 -p1
%patch51 -p1
%patch52 -p1
%patch56 -p1
@@ -311,6 +309,7 @@
--with-libtool \
--with-libxml2 \
--with-libjson \
+ --with-libidn2 \
--with-dlz-mysql \
--with-dlz-ldap \
--with-randomdev=/dev/urandom \
@@ -521,7 +520,6 @@
%{_mandir}/man8/named-checkconf.8%{ext_man}
%{_mandir}/man8/named-checkzone.8%{ext_man}
%{_mandir}/man8/named.8%{ext_man}
-%{_mandir}/man8/named-compilezone.8%{ext_man}
%{_mandir}/man8/filter-aaaa.8%{ext_man}
%dir %{_datadir}/bind
%{_datadir}/bind/createNamedConfInclude
@@ -643,6 +641,7 @@
%{_mandir}/man1/mdig.1%{ext_man}
%{_mandir}/man1/nslookup.1%{ext_man}
%{_mandir}/man1/nsupdate.1%{ext_man}
+%{_mandir}/man1/dnstap-read.1%{ext_man}
%{_mandir}/man5/rndc.conf.5%{ext_man}
%{_mandir}/man8/ddns-confgen.8%{ext_man}
%{_mandir}/man8/dnssec-dsfromkey.8%{ext_man}
@@ -657,13 +656,13 @@
%{_mandir}/man8/dnssec-coverage.8%{ext_man}
%{_mandir}/man8/dnssec-keymgr.8%{ext_man}
%{_mandir}/man8/dnssec-cds.8%{ext_man}
+%{_mandir}/man8/named-nzd2nzf.8%{ext_man}
# %%{_mandir}/man8/genrandom.8%%{ext_man}
# %%{_mandir}/man8/isc-hmac-fixup.8%%{ext_man}
%{_mandir}/man8/named-journalprint.8%{ext_man}
%{_mandir}/man8/nsec3hash.8%{ext_man}
%{_mandir}/man8/rndc.8%{ext_man}
%{_mandir}/man8/rndc-confgen.8%{ext_man}
-%{_mandir}/man8/tsig-keygen.8%{ext_man}
%files -n python3-bind
%{python3_sitelib}/isc
++++++ bind-9.16.3.tar.xz -> bind-9.16.4.tar.xz ++++++
++++ 156999 lines of diff (skipped)
++++++ pie_compile.diff ++++++
--- /var/tmp/diff_new_pack.L5oJH9/_old 2020-06-24 15:47:48.936145332 +0200
+++ /var/tmp/diff_new_pack.L5oJH9/_new 2020-06-24 15:47:48.940145346 +0200
@@ -1,7 +1,7 @@
-Index: bind-9.14.7/bin/Makefile.in
+Index: bind-9.16.4/bin/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/Makefile.in
-+++ bind-9.14.7/bin/Makefile.in
+--- bind-9.16.4.orig/bin/Makefile.in
++++ bind-9.16.4/bin/Makefile.in
@@ -15,4 +15,8 @@ SUBDIRS = named rndc dig delv dnssec too
@NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@ plugins tests
TARGETS =
@@ -11,13 +11,13 @@
@BIND9_MAKE_RULES@
+
+LDFLAGS += -pie
-Index: bind-9.14.7/bin/check/Makefile.in
+Index: bind-9.16.4/bin/check/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/check/Makefile.in
-+++ bind-9.14.7/bin/check/Makefile.in
-@@ -51,8 +51,12 @@ HTMLPAGES = named-checkconf.html named-c
-
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+--- bind-9.16.4.orig/bin/check/Makefile.in
++++ bind-9.16.4/bin/check/Makefile.in
+@@ -46,8 +46,12 @@ TARGETS = named-checkconf@EXEEXT@ named-
+ # Alphabetically
+ SRCS = named-checkconf.c named-checkzone.c check-tool.c
+EXT_CFLAGS = -fPIE -static
+
@@ -28,11 +28,11 @@
named-checkconf.@O@: named-checkconf.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
-Index: bind-9.14.7/bin/confgen/Makefile.in
+Index: bind-9.16.4/bin/confgen/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/confgen/Makefile.in
-+++ bind-9.14.7/bin/confgen/Makefile.in
-@@ -61,8 +61,12 @@ MANOBJS = ${MANPAGES} ${HTMLPAGES}
+--- bind-9.16.4.orig/bin/confgen/Makefile.in
++++ bind-9.16.4/bin/confgen/Makefile.in
+@@ -55,8 +55,12 @@ TARGETS = rndc-confgen@EXEEXT@ ddns-conf
UOBJS = unix/os.@O@
@@ -45,10 +45,10 @@
rndc-confgen.@O@: rndc-confgen.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DRNDC_KEYFILE=\"${sysconfdir}/rndc.key\" \
-Index: bind-9.14.7/bin/confgen/unix/Makefile.in
+Index: bind-9.16.4/bin/confgen/unix/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/confgen/unix/Makefile.in
-+++ bind-9.14.7/bin/confgen/unix/Makefile.in
+--- bind-9.16.4.orig/bin/confgen/unix/Makefile.in
++++ bind-9.16.4/bin/confgen/unix/Makefile.in
@@ -25,4 +25,8 @@ SRCS = os.c
TARGETS = ${OBJS}
@@ -58,13 +58,13 @@
@BIND9_MAKE_RULES@
+
+LDFLAGS += -pie
-Index: bind-9.14.7/bin/dig/Makefile.in
+Index: bind-9.16.4/bin/dig/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/dig/Makefile.in
-+++ bind-9.14.7/bin/dig/Makefile.in
-@@ -62,10 +62,14 @@ HTMLPAGES = dig.html host.html nslookup.
+--- bind-9.16.4.orig/bin/dig/Makefile.in
++++ bind-9.16.4/bin/dig/Makefile.in
+@@ -57,10 +57,14 @@ UOBJS =
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+ SRCS = dig.c dighost.c host.c nslookup.c
+EXT_CFLAGS = -fPIE -static
+
@@ -77,13 +77,13 @@
dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS}
export BASEOBJS="dig.@O@ dighost.@O@ ${UOBJS}"; \
export LIBS0="${DNSLIBS} ${IRSLIBS}"; \
-Index: bind-9.14.7/bin/dnssec/Makefile.in
+Index: bind-9.16.4/bin/dnssec/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/dnssec/Makefile.in
-+++ bind-9.14.7/bin/dnssec/Makefile.in
-@@ -59,8 +59,12 @@ HTMLPAGES = dnssec-cds.html dnssec-dsfro
-
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+--- bind-9.16.4.orig/bin/dnssec/Makefile.in
++++ bind-9.16.4/bin/dnssec/Makefile.in
+@@ -50,8 +50,12 @@ SRCS = dnssec-cds.c dnssec-dsfromkey.c
+ dnssec-settime.c dnssec-signzone.c dnssec-verify.c \
+ dnssectool.c
+EXT_CFLAGS = -fPIE -static
+
@@ -94,13 +94,13 @@
dnssec-cds@EXEEXT@: dnssec-cds.@O@ ${OBJS} ${DEPLIBS}
export BASEOBJS="dnssec-cds.@O@ ${OBJS}"; \
${FINALBUILDCMD}
-Index: bind-9.14.7/bin/named/Makefile.in
+Index: bind-9.16.4/bin/named/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/named/Makefile.in
-+++ bind-9.14.7/bin/named/Makefile.in
-@@ -117,8 +117,12 @@ HTMLPAGES = named.html named.conf.html
-
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+--- bind-9.16.4.orig/bin/named/Makefile.in
++++ bind-9.16.4/bin/named/Makefile.in
+@@ -117,8 +117,12 @@ SRCS = builtin.c config.c control.c \
+ tkeyconf.c tsigconf.c zoneconf.c \
+ ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
+EXT_CFLAGS = -fPIE -static
+
@@ -111,11 +111,11 @@
main.@O@: main.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
-Index: bind-9.14.7/bin/named/unix/Makefile.in
+Index: bind-9.16.4/bin/named/unix/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/named/unix/Makefile.in
-+++ bind-9.14.7/bin/named/unix/Makefile.in
-@@ -26,4 +26,8 @@ SRCS = os.c dlz_dlopen_driver.c
+--- bind-9.16.4.orig/bin/named/unix/Makefile.in
++++ bind-9.16.4/bin/named/unix/Makefile.in
+@@ -27,4 +27,8 @@ SRCS = os.c dlz_dlopen_driver.c
TARGETS = ${OBJS}
@@ -124,13 +124,13 @@
@BIND9_MAKE_RULES@
+
+LDFLAGS += -pie
-Index: bind-9.14.7/bin/nsupdate/Makefile.in
+Index: bind-9.16.4/bin/nsupdate/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/nsupdate/Makefile.in
-+++ bind-9.14.7/bin/nsupdate/Makefile.in
-@@ -64,8 +64,12 @@ HTMLPAGES = nsupdate.html
+--- bind-9.16.4.orig/bin/nsupdate/Makefile.in
++++ bind-9.16.4/bin/nsupdate/Makefile.in
+@@ -59,8 +59,12 @@ UOBJS =
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+ SRCS = nsupdate.c
+EXT_CFLAGS = -fPIE -static
+
@@ -141,13 +141,13 @@
nsupdate.@O@: nsupdate.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DSESSION_KEYFILE=\"${localstatedir}/run/named/session.key\" \
-Index: bind-9.14.7/bin/rndc/Makefile.in
+Index: bind-9.16.4/bin/rndc/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/rndc/Makefile.in
-+++ bind-9.14.7/bin/rndc/Makefile.in
-@@ -51,8 +51,12 @@ HTMLPAGES = rndc.html rndc.conf.html
+--- bind-9.16.4.orig/bin/rndc/Makefile.in
++++ bind-9.16.4/bin/rndc/Makefile.in
+@@ -45,8 +45,12 @@ SRCS= rndc.c
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+ TARGETS = rndc@EXEEXT@
+EXT_CFLAGS = -fPIE -static
+
@@ -158,13 +158,13 @@
rndc.@O@: rndc.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
-Index: bind-9.14.7/bin/tools/Makefile.in
+Index: bind-9.16.4/bin/tools/Makefile.in
===================================================================
---- bind-9.14.7.orig/bin/tools/Makefile.in
-+++ bind-9.14.7/bin/tools/Makefile.in
-@@ -61,8 +61,12 @@ HTMLPAGES = arpaname.html dnstap-read.ht
-
- MANOBJS = ${MANPAGES} ${HTMLPAGES}
+--- bind-9.16.4.orig/bin/tools/Makefile.in
++++ bind-9.16.4/bin/tools/Makefile.in
+@@ -54,8 +54,12 @@ SRCS = arpaname.c named-journalprint.c
+ nsec3hash.c mdig.c \
+ @DNSTAPSRCS@ @NZDSRCS@
+EXT_CFLAGS = -fPIE -static
+
