Hello community,

here is the log from the commit of package nsd for openSUSE:Factory checked in 
at 2018-08-06 11:53:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nsd (Old)
 and      /work/SRC/openSUSE:Factory/.nsd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "nsd"

Mon Aug  6 11:53:59 2018 rev:5 rq:627482 version:4.1.23

Changes:
--------
--- /work/SRC/openSUSE:Factory/nsd/nsd.changes  2018-07-03 23:36:03.460262266 
+0200
+++ /work/SRC/openSUSE:Factory/.nsd.new/nsd.changes     2018-08-06 
11:54:01.341217755 +0200
@@ -1,0 +2,6 @@
+Mon Jul 30 18:47:44 UTC 2018 - mich...@stroeder.com
+
+- Update to upstream release 4.1.23:
+  - Fix NSD time sensitive TSIG compare vulnerability.
+
+-------------------------------------------------------------------

Old:
----
  nsd-4.1.22.tar.gz
  nsd-4.1.22.tar.gz.asc

New:
----
  nsd-4.1.23.tar.gz
  nsd-4.1.23.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nsd.spec ++++++
--- /var/tmp/diff_new_pack.sxC5m3/_old  2018-08-06 11:54:01.829218602 +0200
+++ /var/tmp/diff_new_pack.sxC5m3/_new  2018-08-06 11:54:01.829218602 +0200
@@ -23,7 +23,7 @@
 %define zonesdir   %{configdir}/zones
 %define pidfile    %{_rundir}/nsd/nsd.pid
 Name:           nsd
-Version:        4.1.22
+Version:        4.1.23
 Release:        0
 #
 Summary:        An authoritative-only domain name server

++++++ nsd-4.1.22.tar.gz -> nsd-4.1.23.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/configure new/nsd-4.1.23/configure
--- old/nsd-4.1.22/configure    2018-06-11 10:27:20.000000000 +0200
+++ new/nsd-4.1.23/configure    2018-07-30 09:17:59.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for NSD 4.1.22.
+# Generated by GNU Autoconf 2.69 for NSD 4.1.23.
 #
 # Report bugs to <nsd-b...@nlnetlabs.nl>.
 #
@@ -580,8 +580,8 @@
 # Identity of this package.
 PACKAGE_NAME='NSD'
 PACKAGE_TARNAME='nsd'
-PACKAGE_VERSION='4.1.22'
-PACKAGE_STRING='NSD 4.1.22'
+PACKAGE_VERSION='4.1.23'
+PACKAGE_STRING='NSD 4.1.23'
 PACKAGE_BUGREPORT='nsd-b...@nlnetlabs.nl'
 PACKAGE_URL=''
 
@@ -1286,7 +1286,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures NSD 4.1.22 to adapt to many kinds of systems.
+\`configure' configures NSD 4.1.23 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1347,7 +1347,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of NSD 4.1.22:";;
+     short | recursive ) echo "Configuration of NSD 4.1.23:";;
    esac
   cat <<\_ACEOF
 
@@ -1496,7 +1496,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-NSD configure 4.1.22
+NSD configure 4.1.23
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2205,7 +2205,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by NSD $as_me 4.1.22, which was
+It was created by NSD $as_me 4.1.23, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -9729,7 +9729,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by NSD $as_me 4.1.22, which was
+This file was extended by NSD $as_me 4.1.23, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -9791,7 +9791,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-NSD config.status 4.1.22
+NSD config.status 4.1.23
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/configure.ac new/nsd-4.1.23/configure.ac
--- old/nsd-4.1.22/configure.ac 2018-05-23 16:04:01.000000000 +0200
+++ new/nsd-4.1.23/configure.ac 2018-07-30 09:17:47.000000000 +0200
@@ -4,7 +4,7 @@
 
 sinclude(acx_nlnetlabs.m4)
 
-AC_INIT(NSD,4.1.22,nsd-b...@nlnetlabs.nl)
+AC_INIT(NSD,4.1.23,nsd-b...@nlnetlabs.nl)
 AC_CONFIG_HEADER([config.h])
 
 CFLAGS="$CFLAGS"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/doc/README new/nsd-4.1.23/doc/README
--- old/nsd-4.1.22/doc/README   2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/doc/README   2018-07-30 09:17:59.000000000 +0200
@@ -19,7 +19,7 @@
 
 1.0 Introduction
 
-This is NSD Name Server Daemon (NSD) version 4.1.22.
+This is NSD Name Server Daemon (NSD) version 4.1.23.
 
 The NLnet Labs Name Server Daemon (NSD) is an authoritative RFC compliant 
 DNS nameserver. It was first conceived to allow for more genetic 
@@ -55,7 +55,7 @@
 
 1.2 Quick build and install
 
-Step 1: Unpack the source with gtar -xzvf nsd-4.1.22.tar.gz
+Step 1: Unpack the source with gtar -xzvf nsd-4.1.23.tar.gz
 
 Step 2: Create user nsd or any other unprivileged user of your
         choice. In case of later make sure to use
@@ -109,9 +109,9 @@
 Use your favorite combination of tar and gnu zip to unpack the source,
 for example
 
-$ gtar -xzvf nsd-4.1.22.tar.gz
+$ gtar -xzvf nsd-4.1.23.tar.gz
 
-will unpack the source into the ./nsd-4.1.22 directory...
+will unpack the source into the ./nsd-4.1.23 directory...
 
 
 2.2 Configuring NSD
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/doc/RELNOTES new/nsd-4.1.23/doc/RELNOTES
--- old/nsd-4.1.22/doc/RELNOTES 2018-06-11 10:26:11.000000000 +0200
+++ new/nsd-4.1.23/doc/RELNOTES 2018-07-30 09:14:53.000000000 +0200
@@ -1,5 +1,11 @@
 NSD RELEASE NOTES
 
+4.1.23
+================
+BUG FIXES:
+       - Fix NSD time sensitive TSIG compare vulnerability.
+
+
 4.1.22
 ================
 FEATURES:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/nsd-checkconf.8.in 
new/nsd-4.1.23/nsd-checkconf.8.in
--- old/nsd-4.1.22/nsd-checkconf.8.in   2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/nsd-checkconf.8.in   2018-07-30 09:17:59.000000000 +0200
@@ -1,4 +1,4 @@
-.TH "nsd\-checkconf" "8" "Jun 11, 2018" "NLnet Labs" "nsd 4.1.22"
+.TH "nsd\-checkconf" "8" "Jul 30, 2018" "NLnet Labs" "nsd 4.1.23"
 .\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
 .\" See LICENSE for the license.
 .SH "NAME"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/nsd-checkzone.8.in 
new/nsd-4.1.23/nsd-checkzone.8.in
--- old/nsd-4.1.22/nsd-checkzone.8.in   2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/nsd-checkzone.8.in   2018-07-30 09:17:59.000000000 +0200
@@ -1,4 +1,4 @@
-.TH "nsd\-checkzone" "8" "Jun 11, 2018" "NLnet Labs" "nsd 4.1.22"
+.TH "nsd\-checkzone" "8" "Jul 30, 2018" "NLnet Labs" "nsd 4.1.23"
 .\" Copyright (c) 2014, NLnet Labs. All rights reserved.
 .\" See LICENSE for the license.
 .SH "NAME"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/nsd-control.8.in 
new/nsd-4.1.23/nsd-control.8.in
--- old/nsd-4.1.22/nsd-control.8.in     2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/nsd-control.8.in     2018-07-30 09:17:59.000000000 +0200
@@ -1,4 +1,4 @@
-.TH "nsd\-control" "8" "Jun 11, 2018" "NLnet Labs" "nsd 4.1.22"
+.TH "nsd\-control" "8" "Jul 30, 2018" "NLnet Labs" "nsd 4.1.23"
 .\" Copyright (c) 2011, NLnet Labs. All rights reserved.
 .\" See LICENSE for the license.
 .SH "NAME"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/nsd.8.in new/nsd-4.1.23/nsd.8.in
--- old/nsd-4.1.22/nsd.8.in     2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/nsd.8.in     2018-07-30 09:17:59.000000000 +0200
@@ -1,9 +1,9 @@
-.TH "NSD" "8" "Jun 11, 2018" "NLnet Labs" "NSD 4.1.22"
+.TH "NSD" "8" "Jul 30, 2018" "NLnet Labs" "NSD 4.1.23"
 .\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
 .\" See LICENSE for the license.
 .SH "NAME"
 .B nsd
-\- Name Server Daemon (NSD) version 4.1.22.
+\- Name Server Daemon (NSD) version 4.1.23.
 .SH "SYNOPSIS"
 .B nsd
 .RB [ \-4 ] 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/nsd.conf.5.in new/nsd-4.1.23/nsd.conf.5.in
--- old/nsd-4.1.22/nsd.conf.5.in        2018-06-11 10:27:21.000000000 +0200
+++ new/nsd-4.1.23/nsd.conf.5.in        2018-07-30 09:17:59.000000000 +0200
@@ -1,4 +1,4 @@
-.TH "nsd.conf" "5" "Jun 11, 2018" "NLnet Labs" "nsd 4.1.22"
+.TH "nsd.conf" "5" "Jul 30, 2018" "NLnet Labs" "nsd 4.1.23"
 .\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
 .\" See LICENSE for the license.
 .SH "NAME"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nsd-4.1.22/tsig.c new/nsd-4.1.23/tsig.c
--- old/nsd-4.1.22/tsig.c       2017-01-19 16:32:27.000000000 +0100
+++ new/nsd-4.1.23/tsig.c       2018-07-30 09:14:53.000000000 +0200
@@ -475,7 +475,7 @@
                                    &tsig->prior_mac_size);
 
        if (tsig->mac_size != tsig->prior_mac_size
-           || memcmp(tsig->mac_data,
+           || CRYPTO_memcmp(tsig->mac_data,
                      tsig->prior_mac_data,
                      tsig->mac_size) != 0)
        {



Reply via email to