summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Ruppert <idl0r@gentoo.org>2015-09-09 21:10:38 +0200
committerChristian Ruppert <idl0r@gentoo.org>2015-09-09 22:07:43 +0200
commit611412d9bb570646c5312f0d68c3134619d5b94f (patch)
tree7bfaa9042ed7b4cf6256a4a8ebed01d1c81284f7
parentnet-dns/bind: Remove old ebuild (diff)
downloadgentoo-611412d9bb570646c5312f0d68c3134619d5b94f.tar.gz
gentoo-611412d9bb570646c5312f0d68c3134619d5b94f.tar.bz2
gentoo-611412d9bb570646c5312f0d68c3134619d5b94f.zip
net-dns/bind-tools: Security bump, bug #559462 - CVE-2015-5722, CVE-2015-5986
Package-Manager: portage-2.2.20.1
-rw-r--r--net-dns/bind-tools/Manifest1
-rw-r--r--net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild125
2 files changed, 126 insertions, 0 deletions
diff --git a/net-dns/bind-tools/Manifest b/net-dns/bind-tools/Manifest
index 15de6564f82e..9f622242da7e 100644
--- a/net-dns/bind-tools/Manifest
+++ b/net-dns/bind-tools/Manifest
@@ -1,2 +1,3 @@
DIST bind-9.10.1-P1.tar.gz 8356463 SHA256 974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d SHA512 5fedff46d9cb0ff2544624c6d998f4f4bcd82152730e8e936c2611847fe443018b5c5c1dfb1dc49888dde5e3e30c3814f08369525612f0770575d54a3133ed48 WHIRLPOOL 6f39ff0e15676ed68f6d48d2ec5894b00de5192edbbbff94444f62dcf83e62a1e72019d575da97b6e6cde91b8918da78721c48510dbaad88095d4f2b3af375eb
DIST bind-9.10.2-P2.tar.gz 8469608 SHA256 b1e6f0af88634aaf48fb9d06bbf82968264f49b8e2685f061dd3fd4c1ab76c5f SHA512 f59a4e7ef268cd95be9c31b8f908a77b261c76bfad0572608f503175e4e06e69c22ee88f4b6ae9578cd096aa069d9401f76084c7e07b3e98e9dbbb40d535695c WHIRLPOOL 10b035f790a43552b22eed13a98b8dcfdc0cc0614342ae221ce23ba655fb40a46e336cca8575460bf26a792303c6eba61e184ca5deb219372fdd09609b4c9798
+DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db
diff --git a/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild
new file mode 100644
index 000000000000..965482f66841
--- /dev/null
+++ b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild
@@ -0,0 +1,125 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils autotools flag-o-matic toolchain-funcs
+
+MY_PN=${PN//-tools}
+MY_PV=${PV/_p/-P}
+MY_PV=${MY_PV/_rc/rc}
+MY_P="${MY_PN}-${MY_PV}"
+
+DESCRIPTION="bind tools: dig, nslookup, host, nsupdate, dnssec-keygen"
+HOMEPAGE="http://www.isc.org/software/bind"
+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz"
+
+LICENSE="ISC BSD BSD-2 HPND JNIC RSA openssl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc gost gssapi idn ipv6 readline seccomp ssl urandom xml"
+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
+
+REQUIRED_USE="gost? ( ssl )"
+
+DEPEND="ssl? ( dev-libs/openssl:0 )
+ gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
+ xml? ( dev-libs/libxml2 )
+ idn? ( net-dns/idnkit )
+ gssapi? ( virtual/krb5 )
+ readline? ( sys-libs/readline:0= )
+ seccomp? ( sys-libs/libseccomp )"
+RDEPEND="${DEPEND}
+ !<net-dns/bind-9.10.2"
+
+S="${WORKDIR}/${MY_P}"
+
+# bug 479092, requires networking
+RESTRICT="test"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-9.5.0_p1-lwconfig.patch #231247
+ epatch "${FILESDIR}"/${PN}-9.10.2-openssl.patch #417129
+
+ # Disable tests for now, bug 406399
+ sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
+
+ # bug #220361
+ rm aclocal.m4
+ rm -rf libtool.m4/
+ eautoreconf
+}
+
+src_configure() {
+ local myconf=
+
+ if use urandom; then
+ myconf="${myconf} --with-randomdev=/dev/urandom"
+ else
+ myconf="${myconf} --with-randomdev=/dev/random"
+ fi
+
+ # bug 344029
+ append-cflags "-DDIG_SIGCHASE"
+
+ # localstatedir for nsupdate -l, bug 395785
+ tc-export BUILD_CC
+ econf \
+ --localstatedir=/var \
+ --without-python \
+ --without-libjson \
+ --disable-openssl-version-check \
+ $(use_enable ipv6) \
+ $(use_with idn) \
+ $(usex idn --with-idnlib=-lidnkit '') \
+ $(use_enable seccomp) \
+ $(use_with ssl openssl) \
+ $(use_with xml libxml2) \
+ $(use_with gssapi) \
+ $(use_with readline) \
+ $(use_with gost) \
+ ${myconf}
+
+ # bug #151839
+ echo '#undef SO_BSDCOMPAT' >> config.h
+}
+
+src_compile() {
+ local AR=$(tc-getAR)
+
+ emake AR="${AR}" -C lib/
+ emake AR="${AR}" -C bin/delv/
+ emake AR="${AR}" -C bin/dig/
+ emake AR="${AR}" -C bin/nsupdate/
+ emake AR="${AR}" -C bin/dnssec/
+}
+
+src_install() {
+ dodoc README CHANGES FAQ
+
+ cd "${S}"/bin/delv
+ dobin delv
+ doman delv.1
+
+ cd "${S}"/bin/dig
+ dobin dig host nslookup
+ doman {dig,host,nslookup}.1
+
+ cd "${S}"/bin/nsupdate
+ dobin nsupdate
+ doman nsupdate.1
+ if use doc; then
+ dohtml nsupdate.html
+ fi
+
+ cd "${S}"/bin/dnssec
+ for tool in dsfromkey importkey keyfromlabel keygen \
+ revoke settime signzone verify; do
+ dobin dnssec-"${tool}"
+ doman dnssec-"${tool}".8
+ if use doc; then
+ dohtml dnssec-"${tool}".html
+ fi
+ done
+}