- Updated to 9.9.2-P2 (bnc#811876)
Fix for: https://kb.isc.org/article/AA-00871 CVE-2013-2266 * Security Fixes Removed the check for regex.h in configure in order to disable regex syntax checking, as it exposes BIND to a critical flaw in libregex on some platforms. [RT #32688] - added gpg key source verification OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=111
This commit is contained in:
parent
4d43181a2f
commit
eec4a4f40d
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4bce7c020402623333b655be5167ae8c52f30a6bfe9750caa3ab70da7d90219c
|
||||
size 7277498
|
3
bind-9.9.2-P2.tar.gz
Normal file
3
bind-9.9.2-P2.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ff822734e3550969251411e20f6f7397d14a912613a42af423752e93fdb565d2
|
||||
size 7277958
|
12
bind-9.9.2-P2.tar.gz.asc
Normal file
12
bind-9.9.2-P2.tar.gz.asc
Normal file
@ -0,0 +1,12 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
|
||||
Comment: GPGTools - http://gpgtools.org
|
||||
|
||||
iQEcBAABAgAGBQJRTKtMAAoJEEWseFcYnNvF8/MH/iumeUL6oxa6oVk/RaBj+J0T
|
||||
/ETUPoUoMGsz92bK7PgpvR/R9i0PVrA+79j3VLgsoXFEVPtZfBQeVXW08tWkeWdD
|
||||
S2asvEdEHxPla6pIQ9jOrevXwt7vdTjWgXpqXcSXsJ2SXOYYYUMIjTW7IFa5vyaL
|
||||
VUVirJpxTwxaw7rdYTGMGdD86DYpWi+hlFUdXuc+tbcUpEJrEiJhRoV9dwMsHOuS
|
||||
7APlB06WAnfluWzmjUk5Q0vl9XiXDRqagDUl3Ovas3ceHgEucqh0kMOtwLHBjQ0U
|
||||
n8C2+EpdLCnDThpwJ2IZdKomM6QoFLBbsTmBWUxONjqGwMpICZIbrxHoNfGEv0E=
|
||||
=vmRC
|
||||
-----END PGP SIGNATURE-----
|
13
bind.changes
13
bind.changes
@ -1,3 +1,16 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 27 12:33:34 UTC 2013 - meissner@suse.com
|
||||
|
||||
- Updated to 9.9.2-P2 (bnc#811876)
|
||||
Fix for: https://kb.isc.org/article/AA-00871 CVE-2013-2266
|
||||
|
||||
* Security Fixes
|
||||
Removed the check for regex.h in configure in order to disable regex
|
||||
syntax checking, as it exposes BIND to a critical flaw in libregex
|
||||
on some platforms. [RT #32688]
|
||||
|
||||
- added gpg key source verification
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 6 08:00:31 UTC 2012 - meissner@suse.com
|
||||
|
||||
|
31
bind.keyring
Normal file
31
bind.keyring
Normal file
@ -0,0 +1,31 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.12 (NetBSD)
|
||||
|
||||
mQENBFEKeFYBCADaN83gsb0VDjlGZkYra0PPlHz/eczKBU+/6I/VBq/FcsFEc27/
|
||||
O8IE05rIID10rXLjZ0k8y4ydvhI40eVZfxwaFvQEX/StVtU1ie3F7TS02ZuJ1yal
|
||||
YRtU29hhnZ5icDdiJ98gcZSH2WKhIWLRpmc60Lja/sTsO0lkLPJe9x2MDuzkQu9M
|
||||
Z7hlMgqZxZ1I/mQ/KsjT3oUt8euwyntg8/w/cpY8H0EVjyBnZWV2yejsLnbCo947
|
||||
hbjvUMSluGs7AZP0d+yqpGNsgRQ9iHy0NiL3ELdBqD22cqGRGTkX76KcLoXvqLVY
|
||||
450bBtXsI2uUXy5iL/eUkUP2JgWQybjju/M3ABEBAAG0SEludGVybmV0IFN5c3Rl
|
||||
bXMgQ29uc29ydGl1bSwgSW5jLiAoU2lnbmluZyBrZXksIDIwMTMpIDxjb2Rlc2ln
|
||||
bkBpc2Mub3JnPokBPgQTAQIAKAUCUQp4VgIbAwUJA8JnAAYLCQgHAwIGFQgCCQoL
|
||||
BBYCAwECHgECF4AACgkQRax4Vxic28XzIQf6AwLblJ98KI6l8gWqKVHMErYgl9+Q
|
||||
RiIxrqJtyn4OjeZHX9diVjv2HlsRjnTpNl5MiSB9tXvq+GX696w6dtpoqYjZEQoP
|
||||
ZCwE2USR6XO71eYO3rxLBnc0ymRvQm4zB2YKqworQDym0+wE8xiGBO8LyyVDfS5G
|
||||
aGWXl0YJkfNYXzhEp6toIiLwRE0uP0TarHcHCo2CboVBgODvDZqwSBfT+i6dT+Gy
|
||||
6nVEh3j7XnqgjCQ25cGev9sHR3hobT/fxG0F2YZ7sMwpWj9q0Y/dOlY7SV/ZGSs+
|
||||
ubKQ55BWsTjJRrNqyDX8QLb8oVic5q/yQkV+RTs1sP5s6JSs0KqQdyR3ZbkBDQRR
|
||||
CnhWAQgApxtu688JKcr6NXWOneWXn1Pti2jRhdVKNlNkGgLJ76vQTVdMmmTDwEty
|
||||
YQM6C9qjIXj8cEwz+LGRUXoCXOX9Yokf5oOjNpQutn4KVS+IRvWMYaK0qsTaa/c0
|
||||
FaIiFWvswyGucXAX/q9H5IoK8uYKXv5ww7+x3l1etg9/QdDQ/CANyMQbjBn38Wfn
|
||||
Fy/zoUl+mMZLfqs+3NwT5C+m/4M99SoyC7XQLaZt3PBO4rVjUnMkCgiXsNdDIZnv
|
||||
0XgUKyzSgrdPZcqKEG3yj8v5aTOC2k60Ffw1/ytA3hyfxLmdxxsyGyNQ4ZY8ZxmB
|
||||
Z6AyUWVK95bL4oQqUCqfzSscHpWokQARAQABiQElBBgBAgAPBQJRCnhWAhsMBQkD
|
||||
wmcAAAoJEEWseFcYnNvF4JAH/0MlU+Iwu5k6II3KufE2agMsRD2hk1VkpZcC08qi
|
||||
LfHxX/4HrCZd7jcViLpFeK+I5JaDM2G21Co9jBMoPh+EUDnalG3eglXgeNEbUfAZ
|
||||
pM7c9UejTNVmrw6crcgeUhKS2l0oBu9gRRlcSJEYY8XngfKJHBscCrsafp3RMVkO
|
||||
m4Ti4CcxOot3uQ10U8GojjtWp7bgqIaFBF8aV8vugXJLl9IHqgVEtvo9miM+0Tfi
|
||||
evOzuZMrgVY4zI2ZiLcrVM1KuIeZ2nIKbNWkJpDH2ZwUfsIx/KTxjpqld+NStzGQ
|
||||
B9v1wazIBDHQU4hq5ddOlk0lrLDAmMJzHbavlduWmFRkuv4=
|
||||
=bGLP
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
13
bind.spec
13
bind.spec
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package bind
|
||||
#
|
||||
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -18,7 +18,7 @@
|
||||
|
||||
Name: bind
|
||||
%define pkg_name bind
|
||||
%define pkg_vers 9.9.2-P1
|
||||
%define pkg_vers 9.9.2-P2
|
||||
BuildRequires: krb5-devel
|
||||
BuildRequires: libcap
|
||||
BuildRequires: libcap-devel
|
||||
@ -44,6 +44,9 @@ Requires: %{name}-utils
|
||||
PreReq: %fillup_prereq %insserv_prereq bind-utils /bin/grep /bin/sed /bin/mkdir /usr/bin/tee /bin/chmod /bin/chown /bin/mv /bin/cat /usr/bin/dirname /usr/bin/diff /usr/bin/old /usr/sbin/groupadd /usr/sbin/useradd /usr/sbin/usermod
|
||||
Url: http://isc.org/sw/bind/
|
||||
Source: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz
|
||||
Source3: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz.asc
|
||||
# from http://www.isc.org/about/openpgp/ ... changes yearly apparently.
|
||||
Source4: %name.keyring
|
||||
Source1: vendor-files.tar.bz2
|
||||
Source2: baselibs.conf
|
||||
Source9: ftp://ftp.internic.net/domain/named.root
|
||||
@ -56,6 +59,9 @@ Patch51: pie_compile.diff
|
||||
Patch52: named-bootconf.diff
|
||||
Patch100: configure.in.diff2
|
||||
Patch110: workaround-compile-problem.diff
|
||||
%if 0%{?suse_version} > 1220
|
||||
BuildRequires: gpg-offline
|
||||
%endif
|
||||
|
||||
# Rate limiting patch by Paul Vixie et.al. for reflection DoS protection
|
||||
# see http://www.redbarn.org/dns/ratelimits
|
||||
@ -185,6 +191,9 @@ test and query the Domain Name System (DNS). The Berkeley Internet
|
||||
Name Domain (BIND) DNS server is found in the package named bind.
|
||||
|
||||
%prep
|
||||
%if 0%{?suse_version} > 1220
|
||||
%gpg_verify %{S:3}
|
||||
%endif
|
||||
%setup -q -n %{pkg_name}-%{pkg_vers}
|
||||
#%setup -n %{pkg_name}-%{version} -T -D -a1 -a50
|
||||
%setup -q -n %{pkg_name}-%{pkg_vers} -T -D -a1
|
||||
|
@ -9,8 +9,8 @@
|
||||
; on server FTP.INTERNIC.NET
|
||||
; -OR- RS.INTERNIC.NET
|
||||
;
|
||||
; last update: Jun 8, 2011
|
||||
; related version of root zone: 2011060800
|
||||
; last update: Jan 3, 2013
|
||||
; related version of root zone: 2013010300
|
||||
;
|
||||
; formerly NS.INTERNIC.NET
|
||||
;
|
||||
@ -31,7 +31,7 @@ C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
|
||||
; FORMERLY TERP.UMD.EDU
|
||||
;
|
||||
. 3600000 NS D.ROOT-SERVERS.NET.
|
||||
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
|
||||
D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
|
||||
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
|
||||
;
|
||||
; FORMERLY NS.NASA.GOV
|
||||
|
Loading…
Reference in New Issue
Block a user