diff --git a/.gitignore b/.gitignore index f7c73a1..39aba1c 100644 --- a/.gitignore +++ b/.gitignore @@ -98,3 +98,5 @@ bind-9.7.2b1.tar.gz /bind-9.11.10.tar.gz /bind-9.11.11.tar.gz /bind-9.11.12.tar.gz +/bind-9.11.13.tar.gz +/bind-9.11.13.tar.gz.asc diff --git a/bind-9.11-rh1732883.patch b/bind-9.11-rh1732883.patch index 80820b5..14bf265 100644 --- a/bind-9.11-rh1732883.patch +++ b/bind-9.11-rh1732883.patch @@ -1,4 +1,4 @@ -From 348947b3d573e2187db61fb43919d2260dcfc135 Mon Sep 17 00:00:00 2001 +From 6010876e561b4345e569ffd11eaec9ea52725817 Mon Sep 17 00:00:00 2001 From: Pavel Zhukov Date: Wed, 24 Jul 2019 17:15:55 +0200 Subject: [PATCH] Detect system time jumps @@ -17,18 +17,16 @@ go_reboot() procedure to request lease extention 6 files changed, 84 insertions(+), 5 deletions(-) diff --git a/lib/isc/include/isc/result.h b/lib/isc/include/isc/result.h -index 0fd4971..2add549 100644 +index 0389efa..149cde5 100644 --- a/lib/isc/include/isc/result.h +++ b/lib/isc/include/isc/result.h -@@ -87,9 +87,10 @@ - #define ISC_R_CRYPTOFAILURE 65 /*%< cryptography library failure */ - #define ISC_R_DISCQUOTA 66 /*%< disc quota */ +@@ -89,7 +89,8 @@ #define ISC_R_DISCFULL 67 /*%< disc full */ -+#define ISC_R_TIMESHIFTED 68 /*%< system time changed */ - - /*% Not a result code: the number of results. */ --#define ISC_R_NRESULTS 68 -+#define ISC_R_NRESULTS 69 + #define ISC_R_DEFAULT 68 /*%< default */ + #define ISC_R_IPV4PREFIX 69 /*%< IPv4 prefix */ +-#define ISC_R_NRESULTS 70 ++#define ISC_R_TIMESHIFTED 70 /*%< system time changed */ ++#define ISC_R_NRESULTS 71 ISC_LANG_BEGINDECLS @@ -47,27 +45,27 @@ index 973c348..8160dd3 100644 /*% * Alignment diff --git a/lib/isc/result.c b/lib/isc/result.c -index abb6ed2..8c95a93 100644 +index a9db132..7c04831 100644 --- a/lib/isc/result.c +++ b/lib/isc/result.c -@@ -103,6 +103,7 @@ static const char *description[ISC_R_NRESULTS] = { - "crypto failure", /*%< 65 */ - "disc quota", /*%< 66 */ +@@ -105,6 +105,7 @@ static const char *description[ISC_R_NRESULTS] = { "disc full", /*%< 67 */ -+ "time changed", /*%< 68 */ + "default", /*%< 68 */ + "IPv4 prefix", /*%< 69 */ ++ "time changed", /*%< 70 */ }; static const char *identifier[ISC_R_NRESULTS] = { -@@ -174,6 +175,7 @@ static const char *identifier[ISC_R_NRESULTS] = { - "ISC_R_CRYPTOFAILURE", - "ISC_R_DISCQUOTA", +@@ -178,6 +179,7 @@ static const char *identifier[ISC_R_NRESULTS] = { "ISC_R_DISCFULL", + "ISC_R_DEFAULT", + "ISC_R_IPV4PREFIX", + "ISC_R_TIMESHIFTED", }; #define ISC_RESULT_RESULTSET 2 diff --git a/lib/isc/unix/app.c b/lib/isc/unix/app.c -index 7e5a0ee..ceab74e 100644 +index a6e9882..52eb3e0 100644 --- a/lib/isc/unix/app.c +++ b/lib/isc/unix/app.c @@ -442,15 +442,48 @@ isc__app_ctxonrun(isc_appctx_t *ctx0, isc_mem_t *mctx, isc_task_t *task, diff --git a/bind-9.11-rt46047.patch b/bind-9.11-rt46047.patch index 4bb47e8..8f413f6 100644 --- a/bind-9.11-rt46047.patch +++ b/bind-9.11-rt46047.patch @@ -1,4 +1,4 @@ -From 4c7b644910e21e690e5f51d5596a9fe46d9c7b7a Mon Sep 17 00:00:00 2001 +From 5a465424f5249ceaf0547ab90361a16eb08f7a2b Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 28 Sep 2017 10:09:22 -0700 Subject: [PATCH] completed and corrected the crypto-random change @@ -142,10 +142,10 @@ index 31a99e7..38c83ed 100644 usekeyboard); diff --git a/bin/named/client.c b/bin/named/client.c -index 2169954..c6c59f7 100644 +index 50fa2cd..524d9a3 100644 --- a/bin/named/client.c +++ b/bin/named/client.c -@@ -1754,7 +1754,8 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, +@@ -1762,7 +1762,8 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, isc_buffer_init(&buf, cookie, sizeof(cookie)); isc_stdtime_get(&now); @@ -156,7 +156,7 @@ index 2169954..c6c59f7 100644 compute_cookie(client, now, nonce, ns_g_server->secret, &buf); diff --git a/bin/named/config.c b/bin/named/config.c -index de64ca5..833c1dc 100644 +index dbdff64..63da4b0 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -98,7 +98,9 @@ options {\n\ @@ -223,7 +223,7 @@ index d955c2f..40621f2 100644 } else eresult = ns_control_docommand(request, listener->readonly, &text); diff --git a/bin/named/include/named/server.h b/bin/named/include/named/server.h -index f5ed2b7..b2c1d05 100644 +index 7ee8f66..8982d26 100644 --- a/bin/named/include/named/server.h +++ b/bin/named/include/named/server.h @@ -20,6 +20,7 @@ @@ -243,7 +243,7 @@ index f5ed2b7..b2c1d05 100644 struct ns_altsecret { diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c -index 9bd1f93..851d3c9 100644 +index 9dea7c1..272d300 100644 --- a/bin/named/interfacemgr.c +++ b/bin/named/interfacemgr.c @@ -17,6 +17,7 @@ @@ -255,7 +255,7 @@ index 9bd1f93..851d3c9 100644 #include #include diff --git a/bin/named/query.c b/bin/named/query.c -index 86417c7..55b7b7c 100644 +index c9e5469..0940714 100644 --- a/bin/named/query.c +++ b/bin/named/query.c @@ -19,6 +19,7 @@ @@ -267,10 +267,10 @@ index 86417c7..55b7b7c 100644 #include #include diff --git a/bin/named/server.c b/bin/named/server.c -index c782073..bc59cbc 100644 +index 36fc047..3c1eec0 100644 --- a/bin/named/server.c +++ b/bin/named/server.c -@@ -8204,21 +8204,32 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8208,21 +8208,32 @@ load_configuration(const char *filename, ns_server_t *server, * Open the source of entropy. */ if (first_time) { @@ -312,7 +312,7 @@ index c782073..bc59cbc 100644 #ifdef PATH_RANDOMDEV if (ns_g_fallbackentropy != NULL) { level = ISC_LOG_INFO; -@@ -8229,8 +8240,8 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8233,8 +8244,8 @@ load_configuration(const char *filename, ns_server_t *server, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, level, @@ -323,7 +323,7 @@ index c782073..bc59cbc 100644 randomdev, isc_result_totext(result)); } -@@ -8250,7 +8261,6 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8254,7 +8265,6 @@ load_configuration(const char *filename, ns_server_t *server, } isc_entropy_detach(&ns_g_fallbackentropy); } @@ -331,7 +331,7 @@ index c782073..bc59cbc 100644 #endif } -@@ -9018,6 +9028,7 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { +@@ -9022,6 +9032,7 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { server->in_roothints = NULL; server->blackholeacl = NULL; server->keepresporder = NULL; @@ -339,7 +339,7 @@ index c782073..bc59cbc 100644 /* Must be first. */ CHECKFATAL(dst_lib_init2(ns_g_mctx, ns_g_entropy, -@@ -9044,6 +9055,9 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { +@@ -9048,6 +9059,9 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { CHECKFATAL(dns_tkeyctx_create(ns_g_mctx, ns_g_entropy, &server->tkeyctx), "creating TKEY context"); @@ -349,7 +349,7 @@ index c782073..bc59cbc 100644 /* * Setup the server task, which is responsible for coordinating -@@ -9250,7 +9264,8 @@ ns_server_destroy(ns_server_t **serverp) { +@@ -9254,7 +9268,8 @@ ns_server_destroy(ns_server_t **serverp) { if (server->zonemgr != NULL) dns_zonemgr_detach(&server->zonemgr); @@ -359,7 +359,7 @@ index c782073..bc59cbc 100644 if (server->tkeyctx != NULL) dns_tkeyctx_destroy(&server->tkeyctx); -@@ -13221,10 +13236,10 @@ newzone_cfgctx_destroy(void **cfgp) { +@@ -13230,10 +13245,10 @@ newzone_cfgctx_destroy(void **cfgp) { static isc_result_t generate_salt(unsigned char *salt, size_t saltlen) { @@ -372,7 +372,7 @@ index c782073..bc59cbc 100644 } rnd; unsigned char text[512 + 1]; isc_region_t r; -@@ -13234,9 +13249,10 @@ generate_salt(unsigned char *salt, size_t saltlen) { +@@ -13243,9 +13258,10 @@ generate_salt(unsigned char *salt, size_t saltlen) { if (saltlen > 256U) return (ISC_R_RANGE); @@ -455,7 +455,7 @@ index 2146f9b..64b8e74 100644 } #endif diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml -index 9bf100f..c161e71 100644 +index 33e06e6..539973c 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -5076,22 +5076,45 @@ badresp:1,adberr:0,findfail:0,valfail:0] @@ -570,13 +570,13 @@ index 0000000..11c3a7c + + diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml -index 3a9cfcf..ded2000 100644 +index b16dab6..763ff7e 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml -@@ -23,6 +23,7 @@ - - - +@@ -36,6 +36,7 @@ + + + + diff --git a/bind.spec b/bind.spec index 54bbf87..db0cd1c 100644 --- a/bind.spec +++ b/bind.spec @@ -53,15 +53,15 @@ # lib*.so.X versions of selected libraries %global sover_dns 1107 -%global sover_isc 1100 +%global sover_isc 1104 %global sover_irs 161 %global sover_isccfg 163 Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Name: bind License: MPLv2.0 -Version: 9.11.12 -Release: 4%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Version: 9.11.13 +Release: 1%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -157,7 +157,6 @@ Patch173:bind-9.11-rh1732883.patch # Make sure jsonccp-devel does not interfere Patch174:bind-9.11-json-c.patch Patch175:bind-9.11-fips-disable.patch -Patch176: bind-9.11-rh1768258.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -549,7 +548,6 @@ are used for building ISC DHCP. %patch173 -p1 -b .rh1732883 %patch174 -p1 -b .json-c %patch175 -p1 -b .rh1709553 -%patch176 -p1 -b .rh1768258 mkdir lib/dns/tests/testdata/dstrandom cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data @@ -1565,6 +1563,9 @@ fi; %changelog +* Tue Nov 19 2019 Petr Menšík - 32:9.11.13-1 +- Update to 9.11.13 + * Tue Nov 19 2019 Petr Menšík - 32:9.11.12-4 - Report failures on systemctl reload (#1739441) diff --git a/sources b/sources index 29d4646..d213c25 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ -SHA512 (bind-9.11.12.tar.gz) = 7e2b9ef4ed5a00c2e5310c932c177887aed330d94eefc87d732dda010f2b71477e2f9d6ea89422ccbc8f6f04ceb83419b758218bcc02f25b34751bad974174e8 +SHA512 (bind-9.11.13.tar.gz) = 6e5289ff231b8d7d2f02ae02a1cf43abff3e507e1d96d8ec002dc71097fc77dc5514762ff1ea5918159c88319b1d5eed78c6dc1a7835173db234d4ee887644bc +SHA512 (bind-9.11.13.tar.gz.asc) = 5b32adee7d45cdd2921126e898824839f6a0a5574c0ae5a441fc7df78681ebf872a276d6e434e8043cf9ec504f57c2b8fdf79fdb141e32dac5c4fa57c18d52f4