Hello community, here is the log from the commit of package bind for openSUSE:Factory checked in at Mon Sep 5 16:20:40 CEST 2011.
-------- --- bind/bind.changes 2011-08-31 11:47:26.000000000 +0200 +++ /mounts/work_src_done/STABLE/bind/bind.changes 2011-09-05 11:42:43.000000000 +0200 @@ -1,0 +2,44 @@ +Mon Sep 5 11:41:49 CEST 2011 - [email protected] + +* fixed SSL in chroot environment (bnc#715881) + +------------------------------------------------------------------- +Mon Sep 5 10:19:34 CEST 2011 - [email protected] + +* Added a new include file with function typedefs for the DLZ + "dlopen" driver. [RT #23629] +* Added a tool able to generate malformed packets to allow testing of + how named handles them. [RT #24096] +* The root key is now provided in the file bind.keys allowing DNSSEC + validation to be switched on at start up by adding + "dnssec-validation auto;" to named.conf. If the root key provided + has expired, named will log the expiration and validation will not + work. More information and the most current copy of bind.keys can + be found at http://www.isc.org/bind-keys. *Please note this feature + was actually added in 9.8.0 but was not included in the 9.8.0 + release notes. [RT #21727] +* If named is configured with a response policy zone (RPZ) and a + query of type RRSIG is received for a name configured for RRset + replacement in that RPZ, it will trigger an INSIST and crash the + server. RRSIG. [RT #24280] +* named, set up to be a caching resolver, is vulnerable to a user + querying a domain with very large resource record sets (RRSets) + when trying to negatively cache the response. Due to an off-by-one + error, caching the response could cause named to crash. [RT #24650] + [CVE-2011-1910] +* Using Response Policy Zone (RPZ) to query a wildcard CNAME label + with QUERY type SIG/RRSIG, it can cause named to crash. Fix is + query type independant. [RT #24715] +* Using Response Policy Zone (RPZ) with DNAME records and querying + the subdomain of that label can cause named to crash. Now logs that + DNAME is not supported. [RT #24766] +* Change #2912 populated the message section in replies to UPDATE + requests, which some Windows clients wanted. This exposed a latent + bug that allowed the response message to crash named. With this + fix, change 2912 has been reduced to copy only the zone section to + the reply. A more complete fix for the latent bug will be released + later. [RT #24777] +* many bugfixes (see CHANGELOG) +* 9.8.1 + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- bind-9.8.0P4.tar.gz New: ---- bind-9.8.1.tar.gz dlz_compile.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bind.spec ++++++ --- /var/tmp/diff_new_pack.YdFbfd/_old 2011-09-05 16:20:05.000000000 +0200 +++ /var/tmp/diff_new_pack.YdFbfd/_new 2011-09-05 16:20:05.000000000 +0200 @@ -20,14 +20,14 @@ Name: bind %define pkg_name bind -%define pkg_vers 9.8.0P4 +%define pkg_vers 9.8.1 BuildRequires: openldap2-devel BuildRequires: libcap libcap-devel libmysqlclient-devel libxml2-devel openssl openssl-devel BuildRequires: update-desktop-files BuildRequires: krb5-devel Summary: Domain Name System (DNS) Server (named) -Version: 9.8.0P4 -Release: 4 +Version: 9.8.1 +Release: 1 License: BSD3c(or similar) ; MIT License (or similar) Group: Productivity/Networking/DNS/Servers Provides: dns_daemon bind8 bind9 @@ -50,6 +50,7 @@ Patch51: pie_compile.diff Patch52: named-bootconf.diff Patch54: named-direct-proc-mount.diff +Patch70: dlz_compile.diff Patch100: configure.in.diff2 Source60: dlz-schema.txt %if %ul_version >= 1 @@ -237,6 +238,7 @@ %if 0%{?suse_version} <= 1010 %patch100 -p1 %endif +%patch70 -p0 # modify settings of some files regarding to OS version and vendor function replaceStrings() { @@ -294,8 +296,7 @@ --with-libtool \ --enable-runidn \ --with-libxml2 \ - --with-dlz-mysql --with-dlz-ldap \ - --with-gssapi + --with-dlz-mysql --with-dlz-ldap " ./configure ${CONFIGURE_OPTIONS} %{__make} %{?_smp_mflags} ++++++ bind-9.8.0P4.tar.gz -> bind-9.8.1.tar.gz ++++++ bind/bind-9.8.0P4.tar.gz /mounts/work_src_done/STABLE/bind/bind-9.8.1.tar.gz differ: char 5, line 1 ++++++ dlz_compile.diff ++++++ --- contrib/dlz/drivers/sdlz_helper.c +++ contrib/dlz/drivers/sdlz_helper.c 2011/09/05 08:09:41 @@ -50,7 +50,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#ifdef DLZ +#ifdef CONTRIB_DLZ #include <config.h> ++++++ vendor-files.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/init/named new/vendor-files/init/named --- old/vendor-files/init/named 2011-04-15 10:56:52.000000000 +0200 +++ new/vendor-files/init/named 2011-09-05 11:41:24.000000000 +0200 @@ -209,7 +209,7 @@ test -z "${CHROOT_PREFIX}${NAMED_D}" || rm -rf ${CHROOT_PREFIX}${NAMED_D} # copy new cp -a -L ${NAMED_D} ${CHROOT_PREFIX}${NAMED_D%/*} - for configfile in ${NAMED_CONF_INCLUDE_FILES} "${NAMED_CONF}" "${NAMED_CONF_META_INCLUDE_FILE}" /etc/{localtime,rndc.key}; do + for configfile in ${NAMED_CONF_INCLUDE_FILES} "${NAMED_CONF}" "${NAMED_CONF_META_INCLUDE_FILE}" /etc/{localtime,rndc.key,ssl/openssl.cnf}; do if [ ! -e ${configfile} ]; then warnMessage "File ${configfile} not found. Skipping." continue @@ -218,6 +218,13 @@ rm -f ${CHROOT_PREFIX}/${configfile} cp -a -L ${configfile} ${CHROOT_PREFIX}/${configfile%/*} done + if [ -d /lib/engines ]; then + mkdir -p ${CHROOT_PREFIX}/lib + cp -r /lib/engines ${CHROOT_PREFIX}/lib/ + elif [ -d /lib64/engines ]; then + mkdir -p ${CHROOT_PREFIX}/lib64 + cp -r /lib64/engines ${CHROOT_PREFIX}/lib64/ + fi fi export checkAndCopyConfigFilesCalled="yes" } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
