diff --git a/bind-9.8.0P4.tar.gz b/bind-9.8.0P4.tar.gz deleted file mode 100644 index 40db63d..0000000 --- a/bind-9.8.0P4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:abd5761319c54b6bada99830b733067b71ebef7a3203c1af17ab5d28121003ca -size 7710343 diff --git a/bind-9.8.1.tar.gz b/bind-9.8.1.tar.gz new file mode 100644 index 0000000..cb17c46 --- /dev/null +++ b/bind-9.8.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:02285dc429cb2a6687a1b2446e9ee22c1df27f2577225b05be5092395ee7c92c +size 8450567 diff --git a/bind.changes b/bind.changes index 484cf9e..45cb1ab 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Mon Sep 5 10:19:34 CEST 2011 - ug@suse.de + +* Added a new include file with function typedefs for the DLZ + "dlopen" driver. [RT #23629] +* Added a tool able to generate malformed packets to allow testing of + how named handles them. [RT #24096] +* The root key is now provided in the file bind.keys allowing DNSSEC + validation to be switched on at start up by adding + "dnssec-validation auto;" to named.conf. If the root key provided + has expired, named will log the expiration and validation will not + work. More information and the most current copy of bind.keys can + be found at http://www.isc.org/bind-keys. *Please note this feature + was actually added in 9.8.0 but was not included in the 9.8.0 + release notes. [RT #21727] +* If named is configured with a response policy zone (RPZ) and a + query of type RRSIG is received for a name configured for RRset + replacement in that RPZ, it will trigger an INSIST and crash the + server. RRSIG. [RT #24280] +* named, set up to be a caching resolver, is vulnerable to a user + querying a domain with very large resource record sets (RRSets) + when trying to negatively cache the response. Due to an off-by-one + error, caching the response could cause named to crash. [RT #24650] + [CVE-2011-1910] +* Using Response Policy Zone (RPZ) to query a wildcard CNAME label + with QUERY type SIG/RRSIG, it can cause named to crash. Fix is + query type independant. [RT #24715] +* Using Response Policy Zone (RPZ) with DNAME records and querying + the subdomain of that label can cause named to crash. Now logs that + DNAME is not supported. [RT #24766] +* Change #2912 populated the message section in replies to UPDATE + requests, which some Windows clients wanted. This exposed a latent + bug that allowed the response message to crash named. With this + fix, change 2912 has been reduced to copy only the zone section to + the reply. A more complete fix for the latent bug will be released + later. [RT #24777] +* many bugfixes (see CHANGELOG) +* 9.8.1 + ------------------------------------------------------------------- Wed Aug 31 09:36:54 UTC 2011 - rhafer@suse.de diff --git a/bind.spec b/bind.spec index a2eede8..f12b45b 100644 --- a/bind.spec +++ b/bind.spec @@ -20,14 +20,14 @@ Name: bind %define pkg_name bind -%define pkg_vers 9.8.0P4 +%define pkg_vers 9.8.1 BuildRequires: openldap2-devel BuildRequires: libcap libcap-devel libmysqlclient-devel libxml2-devel openssl openssl-devel BuildRequires: update-desktop-files BuildRequires: krb5-devel Summary: Domain Name System (DNS) Server (named) -Version: 9.8.0P4 -Release: 4 +Version: 9.8.1 +Release: 1 License: BSD3c(or similar) ; MIT License (or similar) Group: Productivity/Networking/DNS/Servers Provides: dns_daemon bind8 bind9 @@ -50,6 +50,7 @@ Patch6: ldapdump-allow-uri.diff Patch51: pie_compile.diff Patch52: named-bootconf.diff Patch54: named-direct-proc-mount.diff +Patch70: dlz_compile.diff Patch100: configure.in.diff2 Source60: dlz-schema.txt %if %ul_version >= 1 @@ -237,6 +238,7 @@ Authors: %if 0%{?suse_version} <= 1010 %patch100 -p1 %endif +%patch70 -p0 # modify settings of some files regarding to OS version and vendor function replaceStrings() { @@ -294,8 +296,7 @@ CONFIGURE_OPTIONS="\ --with-libtool \ --enable-runidn \ --with-libxml2 \ - --with-dlz-mysql --with-dlz-ldap \ - --with-gssapi + --with-dlz-mysql --with-dlz-ldap " ./configure ${CONFIGURE_OPTIONS} %{__make} %{?_smp_mflags} diff --git a/dlz_compile.diff b/dlz_compile.diff new file mode 100644 index 0000000..c24884b --- /dev/null +++ b/dlz_compile.diff @@ -0,0 +1,11 @@ +--- contrib/dlz/drivers/sdlz_helper.c ++++ contrib/dlz/drivers/sdlz_helper.c 2011/09/05 08:09:41 +@@ -50,7 +50,7 @@ + * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +-#ifdef DLZ ++#ifdef CONTRIB_DLZ + + #include +