1 |
commit: c5edd5a90d920ff49ad549fe840599e3dc63fc0f |
2 |
Author: Sven Wegener <swegener <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Dec 4 15:41:21 2017 +0000 |
4 |
Commit: Sven Wegener <swegener <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Dec 4 15:41:21 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5edd5a9 |
7 |
|
8 |
net-dns/pdns-recursor: Version bump |
9 |
|
10 |
Package-Manager: Portage-2.3.14, Repoman-2.3.6 |
11 |
|
12 |
net-dns/pdns-recursor/Manifest | 2 +- |
13 |
.../pdns-recursor/files/CVE-2017-15093-4.0.6.patch | 47 ---------------------- |
14 |
.../pdns-recursor/files/CVE-2017-15094-4.0.6.patch | 28 ------------- |
15 |
....0_rc3-r1.ebuild => pdns-recursor-4.1.0.ebuild} | 4 -- |
16 |
4 files changed, 1 insertion(+), 80 deletions(-) |
17 |
|
18 |
diff --git a/net-dns/pdns-recursor/Manifest b/net-dns/pdns-recursor/Manifest |
19 |
index 587e95d0995..c9752e96db9 100644 |
20 |
--- a/net-dns/pdns-recursor/Manifest |
21 |
+++ b/net-dns/pdns-recursor/Manifest |
22 |
@@ -1,2 +1,2 @@ |
23 |
DIST pdns-recursor-4.0.7.tar.bz2 1107546 BLAKE2B 3ccda73878599e3ade69e4dc6b0787e588a8403fb7cacfbe574409513b8723cbfd29a3c73d857120def801da60a4bedbc0f0c396e6642adb0287204cde301331 SHA512 0c8873adcce5ed9b41f161bc71635da23496b4ae48dbffff7dcdf9c5181e720f9aa94e18bd64e0dff9fa03eae8410dc93585a74d13f0c16d38b0d1c0f4146bb2 |
24 |
-DIST pdns-recursor-4.1.0-rc3.tar.bz2 1191353 BLAKE2B fcbc6f08f962c9c2f459448770406734eff2caab43b615690e9d910b65327e45182aa2c9bcadadeaa6eb3984a8cb463849d5e001ffb98bb618966da5b8557a8a SHA512 141e3fcbf5e7c81ae0228fb7a15c599ef5ae41e2c2d169e2f7b4f57c6c832ac40d3e20302d219ba565c4a514b1297906684247a1a56cd740e3ea0bff4a7da51d |
25 |
+DIST pdns-recursor-4.1.0.tar.bz2 1222751 BLAKE2B b2b5a7dee227b28eb3a1451a4d07cb1804e039e6b405c332f30fbb8df39f395906607f3c074b2469b01885b702d12e86e4ffd6114811404134c16956905c744f SHA512 1e4d70f3794005c3f45b2ec0ab580c3697e7de3096f3378b9b9d1cd53f10f95e577522ca9f634eb235b166f007e8a2bfa99f312ddf19f266ad4bb0965167fd7c |
26 |
|
27 |
diff --git a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch |
28 |
deleted file mode 100644 |
29 |
index 2695830b442..00000000000 |
30 |
--- a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch |
31 |
+++ /dev/null |
32 |
@@ -1,47 +0,0 @@ |
33 |
-diff -ru pdns-recursor-4.0.6.orig/ws-recursor.cc pdns-recursor-4.0.6/ws-recursor.cc |
34 |
---- pdns-recursor-4.0.6.orig/ws-recursor.cc 2017-07-04 17:43:07.000000000 +0200 |
35 |
-+++ pdns-recursor-4.0.6/ws-recursor.cc 2017-11-02 18:13:55.762458134 +0100 |
36 |
-@@ -76,10 +76,11 @@ |
37 |
- throw ApiException("'value' must be an array"); |
38 |
- } |
39 |
- |
40 |
-+ NetmaskGroup nmg; |
41 |
- for (auto value : jlist.array_items()) { |
42 |
- try { |
43 |
-- Netmask(value.string_value()); |
44 |
-- } catch (NetmaskException &e) { |
45 |
-+ nmg.addMask(value.string_value()); |
46 |
-+ } catch (const NetmaskException &e) { |
47 |
- throw ApiException(e.reason); |
48 |
- } |
49 |
- } |
50 |
-@@ -91,9 +92,7 @@ |
51 |
- |
52 |
- // Clear allow-from, and provide a "parent" value |
53 |
- ss << "allow-from=" << endl; |
54 |
-- for (auto value : jlist.array_items()) { |
55 |
-- ss << "allow-from+=" << value.string_value() << endl; |
56 |
-- } |
57 |
-+ ss << "allow-from+=" << nmg.toString() << endl; |
58 |
- |
59 |
- apiWriteConfigFile("allow-from", ss.str()); |
60 |
- |
61 |
-@@ -201,10 +200,15 @@ |
62 |
- if (server == "") { |
63 |
- throw ApiException("Forwarded-to server must not be an empty string"); |
64 |
- } |
65 |
-- if (!serverlist.empty()) { |
66 |
-- serverlist += ";"; |
67 |
-+ try { |
68 |
-+ ComboAddress ca = parseIPAndPort(server, 53); |
69 |
-+ if (!serverlist.empty()) { |
70 |
-+ serverlist += ";"; |
71 |
-+ } |
72 |
-+ serverlist += ca.toStringWithPort(); |
73 |
-+ } catch (const PDNSException &e) { |
74 |
-+ throw ApiException(e.reason); |
75 |
- } |
76 |
-- serverlist += server; |
77 |
- } |
78 |
- if (serverlist == "") |
79 |
- throw ApiException("Need at least one upstream server when forwarding"); |
80 |
|
81 |
diff --git a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch |
82 |
deleted file mode 100644 |
83 |
index ee7cf6878d9..00000000000 |
84 |
--- a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch |
85 |
+++ /dev/null |
86 |
@@ -1,28 +0,0 @@ |
87 |
-diff -ru pdns-recursor-4.0.6.orig/opensslsigners.cc pdns-recursor-4.0.6/opensslsigners.cc |
88 |
---- pdns-recursor-4.0.6.orig/opensslsigners.cc 2017-07-04 17:43:07.000000000 +0200 |
89 |
-+++ pdns-recursor-4.0.6/opensslsigners.cc 2017-11-02 18:18:37.489408103 +0100 |
90 |
-@@ -474,7 +474,7 @@ |
91 |
- if (iqmp == NULL) { |
92 |
- RSA_free(key); |
93 |
- BN_clear_free(dmq1); |
94 |
-- BN_clear_free(iqmp); |
95 |
-+ BN_clear_free(dmp1); |
96 |
- throw runtime_error(getName()+" allocation of BIGNUM iqmp failed"); |
97 |
- } |
98 |
- RSA_set0_crt_params(key, dmp1, dmq1, iqmp); |
99 |
-@@ -562,6 +562,7 @@ |
100 |
- BIGNUM *n = BN_bin2bn((unsigned char*)modulus.c_str(), modulus.length(), NULL); |
101 |
- if (!n) { |
102 |
- RSA_free(key); |
103 |
-+ BN_clear_free(e); |
104 |
- throw runtime_error(getName()+" error loading n value of public key"); |
105 |
- } |
106 |
- |
107 |
-@@ -866,6 +867,7 @@ |
108 |
- |
109 |
- int ret = EC_POINT_oct2point(d_ecgroup, pub_key, (unsigned char*) ecdsaPoint.c_str(), ecdsaPoint.length(), d_ctx); |
110 |
- if (ret != 1) { |
111 |
-+ EC_POINT_free(pub_key); |
112 |
- throw runtime_error(getName()+" reading ECP point from binary failed"); |
113 |
- } |
114 |
- |
115 |
|
116 |
diff --git a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild |
117 |
similarity index 96% |
118 |
rename from net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild |
119 |
rename to net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild |
120 |
index 224ae2f7537..346091e0ec1 100644 |
121 |
--- a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild |
122 |
+++ b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild |
123 |
@@ -33,10 +33,6 @@ DEPEND="${DEPEND} |
124 |
|
125 |
S="${WORKDIR}"/${P/_/-} |
126 |
|
127 |
-PATCHES=( |
128 |
- "${FILESDIR}"/CVE-2017-{15093,15094}-4.0.6.patch |
129 |
-) |
130 |
- |
131 |
pkg_setup() { |
132 |
filter-flags -ftree-vectorize |
133 |
} |