Accepting request 1005207 from network

OBS-URL: https://build.opensuse.org/request/show/1005207 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=185
2022-09-22 12:49:36 +00:00 · 2022-09-22 12:49:36 +00:00 · bcd1cc3c16
commit bcd1cc3c16
parent e3dadf92ab 7a18d2cf86
7 changed files with 69 additions and 43 deletions
--- a/bind-9.18.6.tar.xz
+++ b/bind-9.18.6.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:d43a0fed03c774d1685d203598218c0b7774a88fcc390a0170710d5feb7fbff1
 size 5171132
--- a/bind-9.18.6.tar.xz.sha512.asc
+++ b/bind-9.18.6.tar.xz.sha512.asc
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEE4l6wzxzoBJ1H8dmmM+EOShg6jkYFAmL0AkwACgkQM+EOShg6
 jkaylw/9Evr/sUupCkvNFVt+FtqlnfBDt8WCSlwPaSr5TVU+JCX+0SnNkIrST5Ho
 wOACBRks6ATzvtL4pAnr+DRJFen+G0WL57YJsR6geKKm78W7WzV49zG3FSad6RTq
 FyXoRNClteBttitPd0ubCHhHAqPcrmbVAlS+79l/8Q//r+llV99gY4h8ZVQC2f2I
 rnrJzprT3ZwwCqTyV03zigBcRINS9+/Ij/MlRoG5VGldSaDJB0dLMlJMzeIWeiLG
 aeHRTDB5q64HXS6zpzcYZcs6cG80lMFpYqMFP8+FZml1mz8PEhvhTb5cM94Ar1b1
 Iy/QMLzORneSCHq62o4Tc2jgFTv6y7LqRHnCujt+I0UpOt26tV5O/kr/CbMrgx9R
 mU/PScStLU5m38vwGrIfLegx9fauHPvQckM5Mbvv5E/ntFaza7r7aedjj5cMY92N
 uEHUKknYFP+nIRPEpaN/oIkkbVcRq99LviI2tlVUrkHR/siNy2Y/eHXm1nLs9s3y
 4mdns0dx0/d+sewaL4jpS9+EynDoy3IiAXpo2CMR8no/AIm2nqwrCtcR/slmsdUr
 P5lwlJZoyz4tsjFHTRyeEk4ciMEwDoIFQ+hwQovAL7Vq/2lIgXcvvQn0IX96n2SS
 cmFovsMMN7Y6LE/Tfx8CuHyP2bGs+V3wyepk3p2lJWrIWjJ7a/s=
 =2oT4
 -----END PGP SIGNATURE-----
--- a/bind-9.18.7.tar.xz
+++ b/bind-9.18.7.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:9e2acf1698f49d70ad12ffbad39ec6716a7da524e9ebd98429c7c70ba1262981
 size 5626820
--- a/bind-9.18.7.tar.xz.sha512.asc
+++ b/bind-9.18.7.tar.xz.sha512.asc
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEE4l6wzxzoBJ1H8dmmM+EOShg6jkYFAmMfNs4ACgkQM+EOShg6
 jkY1aRAAySGOpDT4MFnuTI5w7RdWjMNclOGJoFK6ihbkF6lQDrRqRuYlmAq9UwW2
 KR+rAAAqAHk/EmDzsmq15OcsJdJOMrJTp88YEI4EdAcInOK4xbjDl73P0oOnlRjJ
 /8Aw2awrDPjMPoEoF9YBLPfU1Q2Vlunybzlq9sZ7eUWpp1qSa6x3EoWS/bB/f66G
 FhWpbEqdkBOCW8osm3svSOTCkYhlimX6Y2bTyhjSUdfS8q5rwYoiDEsbzjgoMS5l
 eNQb0bexCEBmaTjzARGXo2JzGcNMu9aeee3noeusTV/x3r5zgOjl/TDkx7Y4CAaN
 qtWeoYVp4p4ulisaFqP1bHuksUVgez+2SzrqJ0NpvhLZzbi5dRnsHT93iDcoR+X/
 yjyVQFiunZq3kU46Cf8gT29fxfyi3C/3BVxMkdZz2kI4LwRWvAng7mk9tfKH/2/d
 d44hvv0R4Mdv38/zd8m2pddh8A7rY7l7CbPrKe0V6UTsnErFi/B14fLu58vQHlZL
 8SBBLT2YSiJFQRMfcbCwVTW9r54pqb+MJxkBCgGMDAULOqdBSXfydQdEkbkC1R9i
 u522mH5/VafntJabrxWa4blz/2pClTWswCYCT9LIb8wTFgU+n99+1ozIW7arLFMe
 /ncipDqQffaC+DY88PlF5AOhG4I7hqbJR6yVrPaIL7On+2vIn+A=
 =/BQv
 -----END PGP SIGNATURE-----
--- a/bind-fix-mysql-bindings.patch
+++ b/bind-fix-mysql-bindings.patch
@ -1,22 +0,0 @@
 --- a/contrib/dlz/modules/mysql/Makefile
 +++ b/contrib/dlz/modules/mysql/Makefile
@@ -27,7 +27,7 @@ prefix = /usr
 libdir = $(prefix)/lib/bind9
 CFLAGS=-fPIC -g -I../include $(shell mysql_config --cflags)
 -LDAP_LIBS=$(shell mysql_config --libs)
 +MYSQL_LIBS=$(shell mysql_config --libs)
 all: dlz_mysql_dynamic.so
 --- a/contrib/dlz/modules/mysqldyn/Makefile
 +++ b/contrib/dlz/modules/mysqldyn/Makefile
@@ -27,7 +27,7 @@ prefix = /usr
 libdir = $(prefix)/lib/bind9
 CFLAGS=-fPIC -g -I../include $(shell mysql_config --cflags)
 -LDAP_LIBS=$(shell mysql_config --libs)
 +MYSQL_LIBS=$(shell mysql_config --libs)
 all: dlz_mysqldyn_mod.so
--- a/bind.changes
+++ b/bind.changes
@ -1,3 +1,52 @@
 -------------------------------------------------------------------
 Wed Sep 21 11:49:07 UTC 2022 - Jorik Cronenberg <jorik.cronenberg@suse.com>
 - Update to bind release 9.18.7
  Security Fixes:
  * Previously, there was no limit to the number of database lookups
    performed while processing large delegations, which could be
    abused to severely impact the performance of named running as a
    recursive resolver. This has been fixed. (CVE-2022-2795)
  * When an HTTP connection was reused to request statistics from the
    stats channel, the content length of successive responses could
    grow in size past the end of the allocated buffer.
    This has been fixed. (CVE-2022-2881)
  * Memory leaks in code handling Diffie-Hellman (DH) keys were fixed
    that could be externally triggered, when using TKEY records in DH
    mode with OpenSSL 3.0.0 and later versions. (CVE-2022-2906)
  * named running as a resolver with the stale-answer-client-timeout
    option set to 0 could crash with an assertion failure, when there
    was a stale CNAME in the cache for the incoming query.
    This has been fixed. (CVE-2022-3080)
  * Memory leaks were fixed that could be externally triggered in the
    DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178)
  Feature Changes:
  * Response Rate Limiting (RRL) code now treats all QNAMEs that are
    subject to wildcard processing within a given zone as the same
    name, to prevent circumventing the limits enforced by RRL.
  * Zones using dnssec-policy now require dynamic DNS or
    inline-signing to be configured explicitly.
  * When reconfiguring dnssec-policy from using NSEC with an NSEC-only
    DNSKEY algorithm (e.g. RSASHA1) to a policy that uses NSEC3,
    BIND 9 no longer fails to sign the zone; instead, it keeps using
    NSEC until the offending DNSKEY records have been removed from the
    zone, then switches to using NSEC3.
  * A backward-compatible approach was implemented for encoding
    internationalized domain names (IDN) in dig and converting the
    domain to IDNA2008 form; if that fails, BIND tries an IDNA2003
    conversion.
  Bug Fixes:
  * A serve-stale bug was fixed, where BIND would try to return stale
    data from cache for lookups that received duplicate queries or
    queries that would be dropped. This bug resulted in premature
    SERVFAIL responses, and has now been resolved.
  This obsoletes the following patch:
  * bind-fix-mysql-bindings.patch
  [bsc#1203614, bsc#1203615, bsc#1203616, bsc#1203618, bsc#1203620]
 -------------------------------------------------------------------
 Thu Aug 18 14:57:33 UTC 2022 - Jorik Cronenberg <jorik.cronenberg@suse.com>
--- a/bind.spec
+++ b/bind.spec
@ -56,7 +56,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           bind
-Version:        9.18.6
+Version:        9.18.7
 Release:        0
 Summary:        Domain Name System (DNS) Server (named)
 License:        MPL-2.0
@ -75,7 +75,6 @@ Source70:       bind.conf
 # configuation file for systemd-sysusers
 Source72:       named.conf
 Patch56:        bind-ldapdump-use-valid-host.patch
 Patch57:        bind-fix-mysql-bindings.patch
 BuildRequires:  libcap-devel
 BuildRequires:  libopenssl-devel
 BuildRequires:  libtool