aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMathieu Arnold <mat@FreeBSD.org>2023-01-25 16:30:38 +0000
committerMathieu Arnold <mat@FreeBSD.org>2023-01-25 16:38:17 +0000
commit0605142aa5251025fa1f848d9e310f46056b42e0 (patch)
tree5c4db3af7f83c8de46517e8a2a89a3a8fdd7148b
parent06051415deab060e4b0c44a060d1a19a855fdae5 (diff)
downloadports-0605142aa5251025fa1f848d9e310f46056b42e0.tar.gz
ports-0605142aa5251025fa1f848d9e310f46056b42e0.zip
dns/bind918: upgrade to 9.18.11
Security: CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 Changes: https://downloads.isc.org/isc/bind9/9.18.11/doc/arm/html/notes.html#notes-for-bind-9-18-11 (cherry picked from commit 060654348bd92d7147bcbd6dd524812603b086bb)
-rw-r--r--dns/bind-tools/pkg-plist14
-rw-r--r--dns/bind918/Makefile2
-rw-r--r--dns/bind918/distinfo6
-rw-r--r--dns/bind918/files/extrapatch-bind-min-override-ttl22
-rw-r--r--dns/bind918/files/patch-bin_named_include_named_globals.h4
-rw-r--r--dns/bind918/pkg-plist14
6 files changed, 31 insertions, 31 deletions
diff --git a/dns/bind-tools/pkg-plist b/dns/bind-tools/pkg-plist
index 00a26d4c1253..aa19fe967e91 100644
--- a/dns/bind-tools/pkg-plist
+++ b/dns/bind-tools/pkg-plist
@@ -17,19 +17,19 @@ bin/nsec3hash
bin/nslookup
bin/nsupdate
lib/bind-tools/libbind9.so
-lib/bind-tools/libbind9-9.18.10.so
+lib/bind-tools/libbind9-9.18.11.so
lib/bind-tools/libdns.so
-lib/bind-tools/libdns-9.18.10.so
+lib/bind-tools/libdns-9.18.11.so
lib/bind-tools/libirs.so
-lib/bind-tools/libirs-9.18.10.so
+lib/bind-tools/libirs-9.18.11.so
lib/bind-tools/libisc.so
-lib/bind-tools/libisc-9.18.10.so
+lib/bind-tools/libisc-9.18.11.so
lib/bind-tools/libisccc.so
-lib/bind-tools/libisccc-9.18.10.so
+lib/bind-tools/libisccc-9.18.11.so
lib/bind-tools/libisccfg.so
-lib/bind-tools/libisccfg-9.18.10.so
+lib/bind-tools/libisccfg-9.18.11.so
lib/bind-tools/libns.so
-lib/bind-tools/libns-9.18.10.so
+lib/bind-tools/libns-9.18.11.so
%%MANPAGES%%man/man1/arpaname.1.gz
%%MANPAGES%%man/man1/delv.1.gz
%%MANPAGES%%man/man1/dig.1.gz
diff --git a/dns/bind918/Makefile b/dns/bind918/Makefile
index 3f4bc443785f..123abfcb3a7c 100644
--- a/dns/bind918/Makefile
+++ b/dns/bind918/Makefile
@@ -44,7 +44,7 @@ RUN_DEPENDS= bind-tools>0:dns/bind-tools
USES= autoreconf compiler:c11 cpe libedit libtool pkgconfig ssl tar:xz
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION= 9.18.10
+ISCVERSION= 9.18.11
CPE_VENDOR= isc
CPE_VERSION= ${ISCVERSION:C/-.*//}
diff --git a/dns/bind918/distinfo b/dns/bind918/distinfo
index 6c43e59d0d45..c7db19ce39eb 100644
--- a/dns/bind918/distinfo
+++ b/dns/bind918/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1671811414
-SHA256 (bind-9.18.10.tar.xz) = f415a92feb62568b50854a063cb231e257351f8672186d0ab031a49b3de2cac6
-SIZE (bind-9.18.10.tar.xz) = 5261572
+TIMESTAMP = 1674661848
+SHA256 (bind-9.18.11.tar.xz) = 8ff3352812230cbcbda42df87cad961f94163d3da457c5e4bef8057fd5df2158
+SIZE (bind-9.18.11.tar.xz) = 5284184
diff --git a/dns/bind918/files/extrapatch-bind-min-override-ttl b/dns/bind918/files/extrapatch-bind-min-override-ttl
index 38709a475508..fb51bea24e30 100644
--- a/dns/bind918/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind918/files/extrapatch-bind-min-override-ttl
@@ -1,8 +1,8 @@
Add the override-cache-ttl feature.
---- bin/named/config.c.orig 2022-12-12 14:17:37 UTC
+--- bin/named/config.c.orig 2023-01-12 22:21:15 UTC
+++ bin/named/config.c
-@@ -183,6 +183,7 @@ options {\n\
+@@ -184,6 +184,7 @@ options {\n\
notify-source *;\n\
notify-source-v6 *;\n\
nsec3-test-zone no;\n\
@@ -10,9 +10,9 @@ Add the override-cache-ttl feature.
parental-source *;\n\
parental-source-v6 *;\n\
provide-ixfr true;\n\
---- bin/named/server.c.orig 2022-12-12 14:17:37 UTC
+--- bin/named/server.c.orig 2023-01-12 22:21:15 UTC
+++ bin/named/server.c
-@@ -4560,6 +4560,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
+@@ -4547,6 +4547,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
}
obj = NULL;
@@ -24,9 +24,9 @@ Add the override-cache-ttl feature.
result = named_config_get(maps, "max-cache-ttl", &obj);
INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asduration(obj);
---- doc/arm/reference.rst.orig 2022-12-12 14:17:37 UTC
+--- doc/arm/reference.rst.orig 2023-01-12 22:21:15 UTC
+++ doc/arm/reference.rst
-@@ -4272,6 +4272,10 @@ Tuning
+@@ -4277,6 +4277,10 @@ Tuning
cannot exceed 7 days and is silently truncated to 7 days if set to a
greater value.
@@ -37,7 +37,7 @@ Add the override-cache-ttl feature.
.. namedconf:statement:: max-cache-ttl
:tags: server
:short: Specifies the maximum time (in seconds) that the server caches ordinary (positive) answers.
---- lib/dns/include/dns/view.h.orig 2022-12-12 14:17:37 UTC
+--- lib/dns/include/dns/view.h.orig 2023-01-12 22:21:15 UTC
+++ lib/dns/include/dns/view.h
@@ -157,6 +157,7 @@ struct dns_view {
bool requestnsid;
@@ -47,9 +47,9 @@ Add the override-cache-ttl feature.
dns_ttl_t maxncachettl;
dns_ttl_t mincachettl;
dns_ttl_t minncachettl;
---- lib/dns/resolver.c.orig 2022-12-12 14:17:37 UTC
+--- lib/dns/resolver.c.orig 2023-01-12 22:21:15 UTC
+++ lib/dns/resolver.c
-@@ -6276,6 +6276,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
+@@ -6253,6 +6253,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
}
/*
@@ -62,9 +62,9 @@ Add the override-cache-ttl feature.
* Enforce the configure maximum cache TTL.
*/
if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig 2022-12-12 14:17:37 UTC
+--- lib/isccfg/namedconf.c.orig 2023-01-12 22:21:15 UTC
+++ lib/isccfg/namedconf.c
-@@ -2094,6 +2094,7 @@ static cfg_clausedef_t view_clauses[] = {
+@@ -2096,6 +2096,7 @@ static cfg_clausedef_t view_clauses[] = {
#endif /* ifdef HAVE_LMDB */
{ "max-acache-size", NULL, CFG_CLAUSEFLAG_ANCIENT },
{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
diff --git a/dns/bind918/files/patch-bin_named_include_named_globals.h b/dns/bind918/files/patch-bin_named_include_named_globals.h
index 6b9d61afe30c..fdf67eea6f38 100644
--- a/dns/bind918/files/patch-bin_named_include_named_globals.h
+++ b/dns/bind918/files/patch-bin_named_include_named_globals.h
@@ -1,8 +1,8 @@
We reference the pid file as being run/named/pid everywere else.
---- bin/named/include/named/globals.h.orig 2021-09-17 07:10:48 UTC
+--- bin/named/include/named/globals.h.orig 2023-01-12 22:21:15 UTC
+++ bin/named/include/named/globals.h
-@@ -133,7 +133,7 @@ EXTERN bool named_g_forcelock INIT(false);
+@@ -132,7 +132,7 @@ EXTERN bool named_g_forcelock INIT(false);
#if NAMED_RUN_PID_DIR
EXTERN const char *named_g_defaultpidfile INIT(NAMED_LOCALSTATEDIR "/run/named/"
diff --git a/dns/bind918/pkg-plist b/dns/bind918/pkg-plist
index 11d3a4d7f837..6d2976e9de80 100644
--- a/dns/bind918/pkg-plist
+++ b/dns/bind918/pkg-plist
@@ -243,19 +243,19 @@ include/ns/xfrout.h
lib/bind/filter-a.so
lib/bind/filter-aaaa.so
lib/libbind9.so
-lib/libbind9-9.18.10.so
+lib/libbind9-9.18.11.so
lib/libdns.so
-lib/libdns-9.18.10.so
+lib/libdns-9.18.11.so
lib/libirs.so
-lib/libirs-9.18.10.so
+lib/libirs-9.18.11.so
lib/libisc.so
-lib/libisc-9.18.10.so
+lib/libisc-9.18.11.so
lib/libisccc.so
-lib/libisccc-9.18.10.so
+lib/libisccc-9.18.11.so
lib/libisccfg.so
-lib/libisccfg-9.18.10.so
+lib/libisccfg-9.18.11.so
lib/libns.so
-lib/libns-9.18.10.so
+lib/libns-9.18.11.so
@comment man/man1/arpaname.1.gz
@comment man/man1/delv.1.gz
@comment man/man1/dig.1.gz