diff --git a/.cvsignore b/.cvsignore index 1fadf72..6eefbaf 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,4 +1,4 @@ config-4.tar.bz2 libbind-man.tar.gz bind-chroot.tar.bz2 -bind-9.5.1b3.tar.gz +bind-9.5.1-P1.tar.gz diff --git a/bind-95-sdlz-include.patch b/bind-95-sdlz-include.patch deleted file mode 100644 index 304b018..0000000 --- a/bind-95-sdlz-include.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff -up bind-9.5.1b2/lib/dns/include/dns/Makefile.in.includes bind-9.5.1b2/lib/dns/include/dns/Makefile.in ---- bind-9.5.1b2/lib/dns/include/dns/Makefile.in.includes 2007-09-12 03:09:08.000000000 +0200 -+++ bind-9.5.1b2/lib/dns/include/dns/Makefile.in 2008-10-30 13:00:33.000000000 +0100 -@@ -23,14 +23,14 @@ top_srcdir = @top_srcdir@ - - HEADERS = acl.h adb.h byaddr.h cache.h callbacks.h \ - cert.h compress.h \ -- db.h dbiterator.h dbtable.h diff.h dispatch.h \ -+ db.h dbiterator.h dbtable.h diff.h dispatch.h dlz.h \ - dnssec.h ds.h events.h fixedname.h iptable.h journal.h keyflags.h \ - keytable.h keyvalues.h lib.h log.h master.h masterdump.h \ - message.h name.h ncache.h \ - nsec.h peer.h portlist.h rbt.h rcode.h \ - rdata.h rdataclass.h rdatalist.h rdataset.h rdatasetiter.h \ - rdataslab.h rdatatype.h request.h resolver.h result.h \ -- rootns.h sdb.h secalg.h secproto.h soa.h ssu.h \ -+ rootns.h sdb.h secalg.h secproto.h sdlz.h soa.h ssu.h \ - tcpmsg.h time.h tkey.h \ - tsig.h ttl.h types.h validator.h version.h view.h xfrin.h \ - zone.h zonekey.h zt.h -diff -up bind-9.5.1b2/lib/isc/include/isc/Makefile.in.includes bind-9.5.1b2/lib/isc/include/isc/Makefile.in ---- bind-9.5.1b2/lib/isc/include/isc/Makefile.in.includes 2008-10-30 12:59:46.000000000 +0100 -+++ bind-9.5.1b2/lib/isc/include/isc/Makefile.in 2008-10-30 13:00:03.000000000 +0100 -@@ -35,7 +35,7 @@ HEADERS = app.h assertions.h base64.h bi - lfsr.h lib.h list.h log.h \ - magic.h md5.h mem.h msgcat.h msgs.h \ - mutexblock.h netaddr.h ondestroy.h os.h parseint.h \ -- print.h quota.h random.h ratelimiter.h \ -+ print.h quota.h radix.h random.h ratelimiter.h \ - refcount.h region.h resource.h \ - result.h resultclass.h rwlock.h serial.h sha1.h sha2.h \ - sockaddr.h socket.h stdio.h stdlib.h string.h \ diff --git a/bind-96-rh475120.patch b/bind-96-rh475120.patch deleted file mode 100644 index 9359647..0000000 --- a/bind-96-rh475120.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -up bind-9.6.0rc1/lib/dns/dispatch.c.rh475120 bind-9.6.0rc1/lib/dns/dispatch.c ---- bind-9.6.0rc1/lib/dns/dispatch.c.rh475120 2008-11-13 00:10:57.000000000 +0100 -+++ bind-9.6.0rc1/lib/dns/dispatch.c 2008-12-09 15:06:18.000000000 +0100 -@@ -2702,6 +2702,15 @@ get_udpsocket(dns_dispatchmgr_t *mgr, dn - * If this fails 1024 times, we then ask the kernel for - * choosing one. - */ -+ } else { -+ /* Allow to reuse address for non-random ports */ -+ result = open_socket(sockmgr, localaddr, -+ ISC_SOCKET_REUSEADDRESS, &sock); -+ -+ if (result == ISC_R_SUCCESS) -+ *sockp = sock; -+ -+ return (result); - } - - memset(held, 0, sizeof(held)); diff --git a/bind.spec b/bind.spec index f30edec..43fa44e 100644 --- a/bind.spec +++ b/bind.spec @@ -2,8 +2,10 @@ # Red Hat BIND package .spec file # -%define PREVER b3 -%define VERSION %{version}%{PREVER} +#%define PREVER b3 +#%define VERSION %{version}%{PREVER} +%define PATCHVER P1 +%define VERSION %{version}-%{PATCHVER} %{?!SDB: %define SDB 1} %{?!LIBBIND: %define LIBBIND 1} @@ -19,7 +21,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.5.1 -Release: 0.9.3.%{PREVER}%{?dist} +Release: 1.%{PATCHVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -56,10 +58,8 @@ Patch16: bind-9.3.2-redhat_doc.patch Patch71: bind-9.5-overflow.patch Patch72: bind-9.5-dlz-64bit.patch Patch87: bind-9.5-parallel-build.patch -Patch95: bind-95-sdlz-include.patch Patch96: bind-95-rh469440.patch Patch97: bind-95-rh452060.patch -Patch98: bind-96-rh475120.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -239,7 +239,6 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named %patch85 -p1 -b .libidn3 %patch87 -p1 -b .parallel %patch94 -p1 -b .rh461409 -%patch95 -p1 -b .includes %patch96 -p1 -b .rh469440 %patch97 -p1 -b .rh452060 @@ -250,7 +249,6 @@ for i in bin/named{,-sdb}/{,unix}/Makefile.in; do done %endif -%patch98 -p1 -b .rh475120 :; %build @@ -640,6 +638,12 @@ rm -rf ${RPM_BUILD_ROOT} %{_sbindir}/bind-chroot-admin %changelog +* Thu Jan 08 2009 Adam Tkac 32:9.5.1-1.P1 +- 9.5.1-P1 release (CVE-2009-0025) +- patches merged + - bind-95-sdlz-include.patch + - bind-96-rh475120.patch + * Tue Dec 09 2008 Adam Tkac 32:9.5.1-0.9.3.b3 - allow to reuse address for non-random query-source ports (#475120) diff --git a/sources b/sources index 5499ea0..d7f363e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ de68e10e91e05ab100be879b5bcaa6cb config-4.tar.bz2 13fef79f99fcefebb51d84b08805de51 libbind-man.tar.gz 4faa4395b955e5f8a3d50f308b9fabc8 bind-chroot.tar.bz2 -6618149cd0dc702ce98085b415955a6e bind-9.5.1b3.tar.gz +8afc7f95f4fad1eaaba09596617b8089 bind-9.5.1-P1.tar.gz