[gentoo-commits] repo/gentoo:master commit in: net-dns/pdns-recursor/, net-dns/pdns-recursor/files/ - gentoo-commits

From:	Sven Wegener <swegener@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/pdns-recursor/, net-dns/pdns-recursor/files/
Date:	Mon, 04 Dec 2017 15:47:01
Message-Id:	`1512402081.c5edd5a90d920ff49ad549fe840599e3dc63fc0f.swegener@gentoo`

1

commit:     c5edd5a90d920ff49ad549fe840599e3dc63fc0f

2

Author:     Sven Wegener <swegener <AT> gentoo <DOT> org>

3

AuthorDate: Mon Dec  4 15:41:21 2017 +0000

4

Commit:     Sven Wegener <swegener <AT> gentoo <DOT> org>

5

CommitDate: Mon Dec  4 15:41:21 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5edd5a9

7

8

net-dns/pdns-recursor: Version bump

9

10

Package-Manager: Portage-2.3.14, Repoman-2.3.6

11

12

 net-dns/pdns-recursor/Manifest                     |  2 +-

13

 .../pdns-recursor/files/CVE-2017-15093-4.0.6.patch | 47 ----------------------

14

 .../pdns-recursor/files/CVE-2017-15094-4.0.6.patch | 28 -------------

15

 ....0_rc3-r1.ebuild => pdns-recursor-4.1.0.ebuild} |  4 --

16

 4 files changed, 1 insertion(+), 80 deletions(-)

17

18

diff --git a/net-dns/pdns-recursor/Manifest b/net-dns/pdns-recursor/Manifest

19

index 587e95d0995..c9752e96db9 100644

20

--- a/net-dns/pdns-recursor/Manifest

21

+++ b/net-dns/pdns-recursor/Manifest

22

@@ -1,2 +1,2 @@

23

 DIST pdns-recursor-4.0.7.tar.bz2 1107546 BLAKE2B 3ccda73878599e3ade69e4dc6b0787e588a8403fb7cacfbe574409513b8723cbfd29a3c73d857120def801da60a4bedbc0f0c396e6642adb0287204cde301331 SHA512 0c8873adcce5ed9b41f161bc71635da23496b4ae48dbffff7dcdf9c5181e720f9aa94e18bd64e0dff9fa03eae8410dc93585a74d13f0c16d38b0d1c0f4146bb2

24

-DIST pdns-recursor-4.1.0-rc3.tar.bz2 1191353 BLAKE2B fcbc6f08f962c9c2f459448770406734eff2caab43b615690e9d910b65327e45182aa2c9bcadadeaa6eb3984a8cb463849d5e001ffb98bb618966da5b8557a8a SHA512 141e3fcbf5e7c81ae0228fb7a15c599ef5ae41e2c2d169e2f7b4f57c6c832ac40d3e20302d219ba565c4a514b1297906684247a1a56cd740e3ea0bff4a7da51d

25

+DIST pdns-recursor-4.1.0.tar.bz2 1222751 BLAKE2B b2b5a7dee227b28eb3a1451a4d07cb1804e039e6b405c332f30fbb8df39f395906607f3c074b2469b01885b702d12e86e4ffd6114811404134c16956905c744f SHA512 1e4d70f3794005c3f45b2ec0ab580c3697e7de3096f3378b9b9d1cd53f10f95e577522ca9f634eb235b166f007e8a2bfa99f312ddf19f266ad4bb0965167fd7c

26

27

diff --git a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch

28

deleted file mode 100644

29

index 2695830b442..00000000000

30

--- a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch

31

+++ /dev/null

32

@@ -1,47 +0,0 @@

33

-diff -ru pdns-recursor-4.0.6.orig/ws-recursor.cc pdns-recursor-4.0.6/ws-recursor.cc

34

---- pdns-recursor-4.0.6.orig/ws-recursor.cc	2017-07-04 17:43:07.000000000 +0200

35

-+++ pdns-recursor-4.0.6/ws-recursor.cc	2017-11-02 18:13:55.762458134 +0100

36

-@@ -76,10 +76,11 @@

37

-       throw ApiException("'value' must be an array");

38

-     }

39

-

40

-+    NetmaskGroup nmg;

41

-     for (auto value : jlist.array_items()) {

42

-       try {

43

--        Netmask(value.string_value());

44

--      } catch (NetmaskException &e) {

45

-+        nmg.addMask(value.string_value());

46

-+      } catch (const NetmaskException &e) {

47

-         throw ApiException(e.reason);

48

-       }

49

-     }

50

-@@ -91,9 +92,7 @@

51

-

52

-     // Clear allow-from, and provide a "parent" value

53

-     ss << "allow-from=" << endl;

54

--    for (auto value : jlist.array_items()) {

55

--      ss << "allow-from+=" << value.string_value() << endl;

56

--    }

57

-+    ss << "allow-from+=" << nmg.toString() << endl;

58

-

59

-     apiWriteConfigFile("allow-from", ss.str());

60

-

61

-@@ -201,10 +200,15 @@

62

-       if (server == "") {

63

-         throw ApiException("Forwarded-to server must not be an empty string");

64

-       }

65

--      if (!serverlist.empty()) {

66

--        serverlist += ";";

67

-+      try {

68

-+        ComboAddress ca = parseIPAndPort(server, 53);

69

-+        if (!serverlist.empty()) {

70

-+          serverlist += ";";

71

-+        }

72

-+        serverlist += ca.toStringWithPort();

73

-+      } catch (const PDNSException &e) {

74

-+        throw ApiException(e.reason);

75

-       }

76

--      serverlist += server;

77

-     }

78

-     if (serverlist == "")

79

-       throw ApiException("Need at least one upstream server when forwarding");

80

81

diff --git a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch

82

deleted file mode 100644

83

index ee7cf6878d9..00000000000

84

--- a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch

85

+++ /dev/null

86

@@ -1,28 +0,0 @@

87

-diff -ru pdns-recursor-4.0.6.orig/opensslsigners.cc pdns-recursor-4.0.6/opensslsigners.cc

88

---- pdns-recursor-4.0.6.orig/opensslsigners.cc	2017-07-04 17:43:07.000000000 +0200

89

-+++ pdns-recursor-4.0.6/opensslsigners.cc	2017-11-02 18:18:37.489408103 +0100

90

-@@ -474,7 +474,7 @@

91

-   if (iqmp == NULL) {

92

-     RSA_free(key);

93

-     BN_clear_free(dmq1);

94

--    BN_clear_free(iqmp);

95

-+    BN_clear_free(dmp1);

96

-     throw runtime_error(getName()+" allocation of BIGNUM iqmp failed");

97

-   }

98

-   RSA_set0_crt_params(key, dmp1, dmq1, iqmp);

99

-@@ -562,6 +562,7 @@

100

-   BIGNUM *n = BN_bin2bn((unsigned char*)modulus.c_str(), modulus.length(), NULL);

101

-   if (!n) {

102

-     RSA_free(key);

103

-+    BN_clear_free(e);

104

-     throw runtime_error(getName()+" error loading n value of public key");

105

-   }

106

-

107

-@@ -866,6 +867,7 @@

108

-

109

-   int ret = EC_POINT_oct2point(d_ecgroup, pub_key, (unsigned char*) ecdsaPoint.c_str(), ecdsaPoint.length(), d_ctx);

110

-   if (ret != 1) {

111

-+    EC_POINT_free(pub_key);

112

-     throw runtime_error(getName()+" reading ECP point from binary failed");

113

-   }

114

-

115

116

diff --git a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild

117

similarity index 96%

118

rename from net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild

119

rename to net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild

120

index 224ae2f7537..346091e0ec1 100644

121

--- a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild

122

+++ b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild

123

@@ -33,10 +33,6 @@ DEPEND="${DEPEND}

124

125

 S="${WORKDIR}"/${P/_/-}

126

127

-PATCHES=(

128

-	"${FILESDIR}"/CVE-2017-{15093,15094}-4.0.6.patch

129

-)

130

-

131

 pkg_setup() {

132

 	filter-flags -ftree-vectorize

133

}

1	commit: c5edd5a90d920ff49ad549fe840599e3dc63fc0f
2	Author: Sven Wegener <swegener <AT> gentoo <DOT> org>
3	AuthorDate: Mon Dec 4 15:41:21 2017 +0000
4	Commit: Sven Wegener <swegener <AT> gentoo <DOT> org>
5	CommitDate: Mon Dec 4 15:41:21 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5edd5a9
7
8	net-dns/pdns-recursor: Version bump
9
10	Package-Manager: Portage-2.3.14, Repoman-2.3.6
11
12	net-dns/pdns-recursor/Manifest \| 2 +-
13	.../pdns-recursor/files/CVE-2017-15093-4.0.6.patch \| 47 ----------------------
14	.../pdns-recursor/files/CVE-2017-15094-4.0.6.patch \| 28 -------------
15	....0_rc3-r1.ebuild => pdns-recursor-4.1.0.ebuild} \| 4 --
16	4 files changed, 1 insertion(+), 80 deletions(-)
17
18	diff --git a/net-dns/pdns-recursor/Manifest b/net-dns/pdns-recursor/Manifest
19	index 587e95d0995..c9752e96db9 100644
20	--- a/net-dns/pdns-recursor/Manifest
21	+++ b/net-dns/pdns-recursor/Manifest
22	@@ -1,2 +1,2 @@
23	DIST pdns-recursor-4.0.7.tar.bz2 1107546 BLAKE2B 3ccda73878599e3ade69e4dc6b0787e588a8403fb7cacfbe574409513b8723cbfd29a3c73d857120def801da60a4bedbc0f0c396e6642adb0287204cde301331 SHA512 0c8873adcce5ed9b41f161bc71635da23496b4ae48dbffff7dcdf9c5181e720f9aa94e18bd64e0dff9fa03eae8410dc93585a74d13f0c16d38b0d1c0f4146bb2
24	-DIST pdns-recursor-4.1.0-rc3.tar.bz2 1191353 BLAKE2B fcbc6f08f962c9c2f459448770406734eff2caab43b615690e9d910b65327e45182aa2c9bcadadeaa6eb3984a8cb463849d5e001ffb98bb618966da5b8557a8a SHA512 141e3fcbf5e7c81ae0228fb7a15c599ef5ae41e2c2d169e2f7b4f57c6c832ac40d3e20302d219ba565c4a514b1297906684247a1a56cd740e3ea0bff4a7da51d
25	+DIST pdns-recursor-4.1.0.tar.bz2 1222751 BLAKE2B b2b5a7dee227b28eb3a1451a4d07cb1804e039e6b405c332f30fbb8df39f395906607f3c074b2469b01885b702d12e86e4ffd6114811404134c16956905c744f SHA512 1e4d70f3794005c3f45b2ec0ab580c3697e7de3096f3378b9b9d1cd53f10f95e577522ca9f634eb235b166f007e8a2bfa99f312ddf19f266ad4bb0965167fd7c
26
27	diff --git a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch
28	deleted file mode 100644
29	index 2695830b442..00000000000
30	--- a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch
31	+++ /dev/null
32	@@ -1,47 +0,0 @@
33	-diff -ru pdns-recursor-4.0.6.orig/ws-recursor.cc pdns-recursor-4.0.6/ws-recursor.cc
34	---- pdns-recursor-4.0.6.orig/ws-recursor.cc 2017-07-04 17:43:07.000000000 +0200
35	-+++ pdns-recursor-4.0.6/ws-recursor.cc 2017-11-02 18:13:55.762458134 +0100
36	-@@ -76,10 +76,11 @@
37	- throw ApiException("'value' must be an array");
38	- }
39	-
40	-+ NetmaskGroup nmg;
41	- for (auto value : jlist.array_items()) {
42	- try {
43	-- Netmask(value.string_value());
44	-- } catch (NetmaskException &e) {
45	-+ nmg.addMask(value.string_value());
46	-+ } catch (const NetmaskException &e) {
47	- throw ApiException(e.reason);
48	- }
49	- }
50	-@@ -91,9 +92,7 @@
51	-
52	- // Clear allow-from, and provide a "parent" value
53	- ss << "allow-from=" << endl;
54	-- for (auto value : jlist.array_items()) {
55	-- ss << "allow-from+=" << value.string_value() << endl;
56	-- }
57	-+ ss << "allow-from+=" << nmg.toString() << endl;
58	-
59	- apiWriteConfigFile("allow-from", ss.str());
60	-
61	-@@ -201,10 +200,15 @@
62	- if (server == "") {
63	- throw ApiException("Forwarded-to server must not be an empty string");
64	- }
65	-- if (!serverlist.empty()) {
66	-- serverlist += ";";
67	-+ try {
68	-+ ComboAddress ca = parseIPAndPort(server, 53);
69	-+ if (!serverlist.empty()) {
70	-+ serverlist += ";";
71	-+ }
72	-+ serverlist += ca.toStringWithPort();
73	-+ } catch (const PDNSException &e) {
74	-+ throw ApiException(e.reason);
75	- }
76	-- serverlist += server;
77	- }
78	- if (serverlist == "")
79	- throw ApiException("Need at least one upstream server when forwarding");
80
81	diff --git a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch
82	deleted file mode 100644
83	index ee7cf6878d9..00000000000
84	--- a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch
85	+++ /dev/null
86	@@ -1,28 +0,0 @@
87	-diff -ru pdns-recursor-4.0.6.orig/opensslsigners.cc pdns-recursor-4.0.6/opensslsigners.cc
88	---- pdns-recursor-4.0.6.orig/opensslsigners.cc 2017-07-04 17:43:07.000000000 +0200
89	-+++ pdns-recursor-4.0.6/opensslsigners.cc 2017-11-02 18:18:37.489408103 +0100
90	-@@ -474,7 +474,7 @@
91	- if (iqmp == NULL) {
92	- RSA_free(key);
93	- BN_clear_free(dmq1);
94	-- BN_clear_free(iqmp);
95	-+ BN_clear_free(dmp1);
96	- throw runtime_error(getName()+" allocation of BIGNUM iqmp failed");
97	- }
98	- RSA_set0_crt_params(key, dmp1, dmq1, iqmp);
99	-@@ -562,6 +562,7 @@
100	- BIGNUM n = BN_bin2bn((unsigned char)modulus.c_str(), modulus.length(), NULL);
101	- if (!n) {
102	- RSA_free(key);
103	-+ BN_clear_free(e);
104	- throw runtime_error(getName()+" error loading n value of public key");
105	- }
106	-
107	-@@ -866,6 +867,7 @@
108	-
109	- int ret = EC_POINT_oct2point(d_ecgroup, pub_key, (unsigned char*) ecdsaPoint.c_str(), ecdsaPoint.length(), d_ctx);
110	- if (ret != 1) {
111	-+ EC_POINT_free(pub_key);
112	- throw runtime_error(getName()+" reading ECP point from binary failed");
113	- }
114	-
115
116	diff --git a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild
117	similarity index 96%
118	rename from net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild
119	rename to net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild
120	index 224ae2f7537..346091e0ec1 100644
121	--- a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild
122	+++ b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild
123	@@ -33,10 +33,6 @@ DEPEND="${DEPEND}
124
125	S="${WORKDIR}"/${P/_/-}
126
127	-PATCHES=(
128	- "${FILESDIR}"/CVE-2017-{15093,15094}-4.0.6.patch
129	-)
130	-
131	pkg_setup() {
132	filter-flags -ftree-vectorize
133	}

Gentoo Archives: gentoo-commits