Re: CVS: cvs.openbsd.org: ports

Thu, 17 Mar 2022 02:14:46 -0700 

Thanks, fixed

--
 Sent from a phone, apologies for poor formatting.

On 17 March 2022 08:18:04 Solene Rapenne <[email protected]> wrote:


On Wed, 16 Mar 2022 18:25:20 -0600 (MDT)
Stuart Henderson <[email protected]>:


CVSROOT:        /cvs
Module name:    ports
Changes by:     [email protected]   2022/03/16 18:25:19

Modified files:
        net/isc-bind   : Tag: OPENBSD_7_0 Makefile distinfo
        net/isc-bind/files: Tag: OPENBSD_7_0 named.conf
        net/isc-bind/patches: Tag: OPENBSD_7_0 patch-bin_dig_dig_c
                              patch-bin_dig_host_c
                              patch-bin_dig_nslookup_c
                              patch-bin_named_include_named_globals_h
                              patch-configure_ac
                              patch-lib_isc_unix_net_c
                              patch-lib_isc_unix_socket_c
        net/isc-bind/pkg: Tag: OPENBSD_7_0 PLIST isc_named.rc

Log message:
update to BIND 9.16.27

CVE-2021-25220: DNS forwarders - cache poisoning vulnerability
https://kb.isc.org/docs/CVE-2021-25220

CVE-2022-0396: DoS from specifically crafted TCP packets
https://kb.isc.org/docs/cve-2022-0396

CVE-2022-0635: DNAME insist with synth-from-dnssec enabled
https://kb.isc.org/docs/cve-2022-0635

CVE-2022-0667: Assertion failure on delayed DS lookup
https://kb.isc.org/docs/cve-2022-0667



some patches fail to apply on stable

+++ Wed Mar 16 22:50:56 MDT 2022
===>  Checking files for isc-bind-9.16.27v3-geoip
`/mnt/distfiles/bind-9.16.27.tar.xz' is up to date.

(SHA256) bind-9.16.27.tar.xz: OK

===> isc-bind-9.16.27v3-geoip depends on: py3-ply-* -> py3-ply-3.11p3
===> isc-bind-9.16.27v3-geoip depends on: python->=3.8,<3.9 -> python-3.8.12
===> isc-bind-9.16.27v3-geoip depends on: metaauto-* -> metaauto-1.0p4
===> isc-bind-9.16.27v3-geoip depends on: autoconf-2.69 -> autoconf-2.69p3
===> isc-bind-9.16.27v3-geoip depends on: dwz-* -> dwz-0.14
===> isc-bind-9.16.27v3-geoip depends on: xz-* -> xz-5.2.5
===> isc-bind-9.16.27v3-geoip depends on: libiconv-* -> libiconv-1.16p0
===> isc-bind-9.16.27v3-geoip depends on: json-c-* -> json-c-0.13.1p0
===> isc-bind-9.16.27v3-geoip depends on: libidn2-* -> libidn2-2.3.0p0
===> isc-bind-9.16.27v3-geoip depends on: libuv-* -> libuv-1.40.0
===> isc-bind-9.16.27v3-geoip depends on: libxml-* -> libxml-2.9.12p0
===> isc-bind-9.16.27v3-geoip depends on: libmaxminddb-* - not found
===>  Verifying install for libmaxminddb-* in net/libmaxminddb
`/home/ports//bulk/amd64/libmaxminddb-1.6.0' is up to date.
===> libmaxminddb-1.6.0 depends on: geolite2-country-* - not found
===>  Verifying install for geolite2-country-* in net/libmaxminddb
`/home/ports//bulk/amd64/libmaxminddb-1.6.0' is up to date.
===> geolite2-country-20191224p1 depends on: gmake-* -> gmake-4.3
===> geolite2-country-20191224p1 depends on: xz-* -> xz-5.2.5
--- Wed Mar 16 22:50:59 MDT 2022
+++ Wed Mar 16 22:51:00 MDT 2022
===> Returning to build of isc-bind-9.16.27v3-geoip
===> isc-bind-9.16.27v3-geoip depends on: libmaxminddb-* -> libmaxminddb-1.6.0
===> Verifying specs: c crypto execinfo iconv idn2 json-c lzma m pthread ssl unistring uv xml2 z maxminddb ===> found c.96.1 crypto.47.0 execinfo.3.0 iconv.7.0 idn2.1.1 json-c.1.1 lzma.2.1 m.10.1 pthread.26.1 ssl.50.0 unistring.0.1 uv.3.0 xml2.17.0 z.6.0 maxminddb.0.0 
===>  Extracting for isc-bind-9.16.27v3-geoip
===>  Patching for isc-bind-9.16.27v3-geoip
===>   Applying OpenBSD patch patch-bin_dig_dig_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Patch to use pledge on OpenBSD.
|locale is needed for idn2.
|
|Index: bin/dig/dig.c
|--- bin/dig/dig.c.orig
|+++ bin/dig/dig.c
--------------------------
Patching file bin/dig/dig.c using Plan A...
Hunk #1 succeeded at 18.
Hunk #2 succeeded at 2642.
Hunk #3 succeeded at 2682.
done
===>   Applying OpenBSD patch patch-bin_dig_host_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Patch to use pledge on OpenBSD.
|locale is needed for idn2.
|
|Index: bin/dig/host.c
|--- bin/dig/host.c.orig
|+++ bin/dig/host.c
--------------------------
Patching file bin/dig/host.c using Plan A...
Hunk #1 succeeded at 18.
Hunk #2 succeeded at 904.
Hunk #3 succeeded at 926.
done
===>   Applying OpenBSD patch patch-bin_dig_nslookup_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Patch to use pledge on OpenBSD.
|locale is needed for idn2.
|
|Index: bin/dig/nslookup.c
|--- bin/dig/nslookup.c.orig
|+++ bin/dig/nslookup.c
--------------------------
Patching file bin/dig/nslookup.c using Plan A...
Hunk #1 succeeded at 1011.
Hunk #2 succeeded at 1030.
done
===>   Applying OpenBSD patch patch-bin_named_include_named_globals_h
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: bin/named/include/named/globals.h
|--- bin/named/include/named/globals.h.orig
|+++ bin/named/include/named/globals.h
--------------------------
Patching file bin/named/include/named/globals.h using Plan A...
Hunk #1 succeeded at 135.
done
===>   Applying OpenBSD patch patch-configure_ac
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|"struct stat" is in stat.h not fcntl.h
|https://gitlab.isc.org/isc-projects/bind9/-/issues/2905
|
|Index: configure.ac
|--- configure.ac.orig
|+++ configure.ac
--------------------------
Patching file configure.ac using Plan A...
Hunk #1 succeeded at 1856.
done
===>   Applying OpenBSD patch patch-lib_dns_dst_openssl_h
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|$OpenBSD: patch-lib_dns_dst_openssl_h,v 1.5 2020/03/19 17:07:20 sthen Exp $
|
|Index: lib/dns/dst_openssl.h
|--- lib/dns/dst_openssl.h.orig
|+++ lib/dns/dst_openssl.h
--------------------------
Patching file lib/dns/dst_openssl.h using Plan A...
Hunk #1 failed at 23.
1 out of 1 hunks failed--saving rejects to lib/dns/dst_openssl.h.rej
done
***>   patch-lib_dns_dst_openssl_h did not apply cleanly
===>   Applying OpenBSD patch patch-lib_dns_openssldh_link_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|$OpenBSD: patch-lib_dns_openssldh_link_c,v 1.13 2020/05/19 09:32:38 sthen Exp $ 
|
|Index: lib/dns/openssldh_link.c
|--- lib/dns/openssldh_link.c.orig
|+++ lib/dns/openssldh_link.c
--------------------------
Patching file lib/dns/openssldh_link.c using Plan A...
Hunk #1 failed at 259.
Hunk #2 succeeded at 308 (offset 3 lines).
1 out of 2 hunks failed--saving rejects to lib/dns/openssldh_link.c.rej
done
***>   patch-lib_dns_openssldh_link_c did not apply cleanly
===>   Applying OpenBSD patch patch-lib_dns_opensslrsa_link_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|$OpenBSD: patch-lib_dns_opensslrsa_link_c,v 1.11 2020/05/19 09:32:38 sthen Exp $ 
|
|Index: lib/dns/opensslrsa_link.c
|--- lib/dns/opensslrsa_link.c.orig
|+++ lib/dns/opensslrsa_link.c
--------------------------
Patching file lib/dns/opensslrsa_link.c using Plan A...
Hunk #1 failed at 451.
1 out of 1 hunks failed--saving rejects to lib/dns/opensslrsa_link.c.rej
done
***>   patch-lib_dns_opensslrsa_link_c did not apply cleanly
===>   Applying OpenBSD patch patch-lib_isc_aes_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|$OpenBSD: patch-lib_isc_aes_c,v 1.3 2020/03/19 17:07:20 sthen Exp $
|
|Index: lib/isc/aes.c
|--- lib/isc/aes.c.orig
|+++ lib/isc/aes.c
--------------------------
Patching file lib/isc/aes.c using Plan A...
Hunk #1 failed at 21.
Hunk #2 failed at 30.
Hunk #3 failed at 50.
Hunk #4 failed at 70.
4 out of 4 hunks failed--saving rejects to lib/isc/aes.c.rej
done
***>   patch-lib_isc_aes_c did not apply cleanly
===>   Applying OpenBSD patch patch-lib_isc_unix_net_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Patch to use pledge on OpenBSD.
|
|Index: lib/isc/unix/net.c
|--- lib/isc/unix/net.c.orig
|+++ lib/isc/unix/net.c
--------------------------
Patching file lib/isc/unix/net.c using Plan A...
Hunk #1 succeeded at 223.
Hunk #2 succeeded at 680.
done
===>   Applying OpenBSD patch patch-lib_isc_unix_socket_c
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Disable some socket options which pledge doesn't allow.
|
|Index: lib/isc/unix/socket.c
|--- lib/isc/unix/socket.c.orig
|+++ lib/isc/unix/socket.c
--------------------------
Patching file lib/isc/unix/socket.c using Plan A...
Hunk #1 succeeded at 2106.
Hunk #2 succeeded at 2388.
Hunk #3 succeeded at 2413.
Hunk #4 succeeded at 5096.
done
===>   Failed patches:
   patch-lib_dns_dst_openssl_h
   patch-lib_dns_openssldh_link_c
   patch-lib_dns_opensslrsa_link_c
   patch-lib_isc_aes_c
*** Error 1 in net/isc-bind (/home/ports//infrastructure/mk/bsd.port.mk:2831 '/build/tmp/pobj//isc-bind-9.16.27-geoip/.patch_done': @if cd /...) *** Error 2 in net/isc-bind (/home/ports//infrastructure/mk/bsd.port.mk:2134 '/home/packages/amd64/all/isc-bind-9.16.27v3-geoip.tgz': @cd /h...) *** Error 2 in net/isc-bind (/home/ports//infrastructure/mk/bsd.port.mk:2623 '_internal-package': @case X${_DEPENDS_CACHE} in X) _DEPENDS_C...) *** Error 2 in net/isc-bind (/home/ports//infrastructure/mk/bsd.port.mk:2602 'package': @lock=isc-bind-9.16.27v3-geoip; export _LOCKS_HELD=...) 
--- Wed Mar 16 22:51:02 MDT 2022

Reply via email to