bind: security bump to version 9.6-ESV-R9-P1

Fixes CVE-2013-3919 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-07-19 16:41:20 -03:00 · 2013-07-19 16:41:20 -03:00 · 98463e6f87
commit 98463e6f87
parent 717ac05750
5 changed files with 32 additions and 20 deletions
--- a/package/bind/bind.sysvinit
+++ b/package/bind/bind.sysvinit
@ -50,7 +50,7 @@ case "$1" in
 		;;
 	*)
 		echo "Usage: $0 {start|stop|restart|reload|force-reload}"
-		exit 1 
+		exit 1
 esac

 exit 0
--- a/package/bind/bind-01-disable-tests.patch
+++ b/package/bind/bind-01-disable-tests.patch
@ -0,0 +1,16 @@
+Disable tests to avoid cross-compilation issues (tries to run genrandom).
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
+diff -Nura bind-9.6-ESV-R9-P1.orig/bin/Makefile.in bind-9.6-ESV-R9-P1/bin/Makefile.in
+--- bind-9.6-ESV-R9-P1.orig/bin/Makefile.in	2013-06-04 15:30:48.000000000 -0300
+++ bind-9.6-ESV-R9-P1/bin/Makefile.in	2013-07-19 15:32:19.018287733 -0300
+@@ -19,7 +19,7 @@
+ VPATH =		@srcdir@
+ top_srcdir =	@top_srcdir@
+
+-SUBDIRS =	named rndc dig dnssec tests nsupdate check
+SUBDIRS =	named rndc dig dnssec nsupdate check
+ TARGETS =
+
+ @BIND9_MAKE_RULES@
--- a/package/bind/bind-02-cross.patch
+++ b/package/bind/bind-02-cross.patch
@ -1,14 +1,18 @@
+Use host compiler to build 'gen' since it's run when building.
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
 diff -Nura bind-9.5.1-P1/lib/dns/Makefile.in bind-9.5.1-P1.gencross/lib/dns/Makefile.in
 --- bind-9.5.1-P1/lib/dns/Makefile.in	2007-09-11 22:09:08.000000000 -0300
 +++ bind-9.5.1-P1.gencross/lib/dns/Makefile.in	2009-03-04 16:35:23.000000000 -0200
@@ -160,8 +160,8 @@
 	./gen -s ${srcdir} > code.h
- 
+
 gen: gen.c
 -	${BUILD_CC} ${BUILD_CFLAGS} -I${top_srcdir}/lib/isc/include \
 -	${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c ${BUILD_LIBS}
 +	${HOSTCC} ${HOST_CFLAGS} -I${top_srcdir}/lib/isc/include \
 +	${HOST_LDFLAGS} -o $@ ${srcdir}/gen.c
- 
+
 rbtdb64.@O@: rbtdb.c
- 
+
--- a/package/bind/bind-susv3-legacy.patch
+++ b/package/bind/bind-susv3-legacy.patch
@ -1,12 +0,0 @@
-diff -Nura bind-9.5.2-P1/lib/isc/unix/ifiter_ioctl.c bind-9.5.2-P1.nosusv3/lib/isc/unix/ifiter_ioctl.c
--- bind-9.5.2-P1/lib/isc/unix/ifiter_ioctl.c	2009-02-15 22:53:58.000000000 -0200
-+++ bind-9.5.2-P1.nosusv3/lib/isc/unix/ifiter_ioctl.c	2009-12-03 13:12:56.000000000 -0300
-@@ -17,6 +17,8 @@
- 
- /* $Id: ifiter_ioctl.c,v 1.58.90.3 2009/02/16 00:53:58 marka Exp $ */
- 
-+#include <string.h>
-+
- /*! \file
-  * \brief
-  * Obtain the list of network interfaces using the SIOCGLIFCONF ioctl.
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@ -1,10 +1,10 @@
-################################################################################
+###############################################################################
 #
 # bind
 #
 ################################################################################

-BIND_VERSION = 9.6-ESV-R8
+BIND_VERSION = 9.6-ESV-R9-P1
 BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 BIND_MAKE = $(MAKE1)
 BIND_LICENSE = ISC
@ -35,9 +35,13 @@ else
 	BIND_CONF_OPT += --with-openssl=no
 endif

+define BIND_INSTALL_INIT_SYSV
+	$(INSTALL) -m 0755 -D package/bind/S81named \
+		$(TARGET_DIR)/etc/init.d/S81named
+endef
+
 define BIND_TARGET_INSTALL_FIXES
 	rm -f $(TARGET_DIR)/usr/bin/isc-config.sh
-	$(INSTALL) -m 0755 -D package/bind/bind.sysvinit $(TARGET_DIR)/etc/init.d/S81named
 endef

 BIND_POST_INSTALL_TARGET_HOOKS += BIND_TARGET_INSTALL_FIXES
@ -61,8 +65,8 @@ endif
 define BIND_UNINSTALL_TARGET_CMDS
 	$(BIND_TARGET_REMOVE_SERVER)
 	$(BIND_TARGET_REMOVE_TOOLS)
-	rm -rf $(addprefix $(TARGET_DIR)/usr/lib/, $(BIND_TARGET_LIBS))
 	rm -f $(TARGET_DIR)/etc/init.d/S81named
+	rm -rf $(addprefix $(TARGET_DIR)/usr/lib/, $(BIND_TARGET_LIBS))
 endef

 $(eval $(autotools-package))