diff options
author | Christian Ruppert <idl0r@gentoo.org> | 2015-09-09 21:10:38 +0200 |
---|---|---|
committer | Christian Ruppert <idl0r@gentoo.org> | 2015-09-09 22:07:43 +0200 |
commit | 611412d9bb570646c5312f0d68c3134619d5b94f (patch) | |
tree | 7bfaa9042ed7b4cf6256a4a8ebed01d1c81284f7 | |
parent | net-dns/bind: Remove old ebuild (diff) | |
download | gentoo-611412d9bb570646c5312f0d68c3134619d5b94f.tar.gz gentoo-611412d9bb570646c5312f0d68c3134619d5b94f.tar.bz2 gentoo-611412d9bb570646c5312f0d68c3134619d5b94f.zip |
net-dns/bind-tools: Security bump, bug #559462 - CVE-2015-5722, CVE-2015-5986
Package-Manager: portage-2.2.20.1
-rw-r--r-- | net-dns/bind-tools/Manifest | 1 | ||||
-rw-r--r-- | net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild | 125 |
2 files changed, 126 insertions, 0 deletions
diff --git a/net-dns/bind-tools/Manifest b/net-dns/bind-tools/Manifest index 15de6564f82e..9f622242da7e 100644 --- a/net-dns/bind-tools/Manifest +++ b/net-dns/bind-tools/Manifest @@ -1,2 +1,3 @@ DIST bind-9.10.1-P1.tar.gz 8356463 SHA256 974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d SHA512 5fedff46d9cb0ff2544624c6d998f4f4bcd82152730e8e936c2611847fe443018b5c5c1dfb1dc49888dde5e3e30c3814f08369525612f0770575d54a3133ed48 WHIRLPOOL 6f39ff0e15676ed68f6d48d2ec5894b00de5192edbbbff94444f62dcf83e62a1e72019d575da97b6e6cde91b8918da78721c48510dbaad88095d4f2b3af375eb DIST bind-9.10.2-P2.tar.gz 8469608 SHA256 b1e6f0af88634aaf48fb9d06bbf82968264f49b8e2685f061dd3fd4c1ab76c5f SHA512 f59a4e7ef268cd95be9c31b8f908a77b261c76bfad0572608f503175e4e06e69c22ee88f4b6ae9578cd096aa069d9401f76084c7e07b3e98e9dbbb40d535695c WHIRLPOOL 10b035f790a43552b22eed13a98b8dcfdc0cc0614342ae221ce23ba655fb40a46e336cca8575460bf26a792303c6eba61e184ca5deb219372fdd09609b4c9798 +DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db diff --git a/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild new file mode 100644 index 000000000000..965482f66841 --- /dev/null +++ b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils autotools flag-o-matic toolchain-funcs + +MY_PN=${PN//-tools} +MY_PV=${PV/_p/-P} +MY_PV=${MY_PV/_rc/rc} +MY_P="${MY_PN}-${MY_PV}" + +DESCRIPTION="bind tools: dig, nslookup, host, nsupdate, dnssec-keygen" +HOMEPAGE="http://www.isc.org/software/bind" +SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz" + +LICENSE="ISC BSD BSD-2 HPND JNIC RSA openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="doc gost gssapi idn ipv6 readline seccomp ssl urandom xml" +# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 + +REQUIRED_USE="gost? ( ssl )" + +DEPEND="ssl? ( dev-libs/openssl:0 ) + gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] ) + xml? ( dev-libs/libxml2 ) + idn? ( net-dns/idnkit ) + gssapi? ( virtual/krb5 ) + readline? ( sys-libs/readline:0= ) + seccomp? ( sys-libs/libseccomp )" +RDEPEND="${DEPEND} + !<net-dns/bind-9.10.2" + +S="${WORKDIR}/${MY_P}" + +# bug 479092, requires networking +RESTRICT="test" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-9.5.0_p1-lwconfig.patch #231247 + epatch "${FILESDIR}"/${PN}-9.10.2-openssl.patch #417129 + + # Disable tests for now, bug 406399 + sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die + + # bug #220361 + rm aclocal.m4 + rm -rf libtool.m4/ + eautoreconf +} + +src_configure() { + local myconf= + + if use urandom; then + myconf="${myconf} --with-randomdev=/dev/urandom" + else + myconf="${myconf} --with-randomdev=/dev/random" + fi + + # bug 344029 + append-cflags "-DDIG_SIGCHASE" + + # localstatedir for nsupdate -l, bug 395785 + tc-export BUILD_CC + econf \ + --localstatedir=/var \ + --without-python \ + --without-libjson \ + --disable-openssl-version-check \ + $(use_enable ipv6) \ + $(use_with idn) \ + $(usex idn --with-idnlib=-lidnkit '') \ + $(use_enable seccomp) \ + $(use_with ssl openssl) \ + $(use_with xml libxml2) \ + $(use_with gssapi) \ + $(use_with readline) \ + $(use_with gost) \ + ${myconf} + + # bug #151839 + echo '#undef SO_BSDCOMPAT' >> config.h +} + +src_compile() { + local AR=$(tc-getAR) + + emake AR="${AR}" -C lib/ + emake AR="${AR}" -C bin/delv/ + emake AR="${AR}" -C bin/dig/ + emake AR="${AR}" -C bin/nsupdate/ + emake AR="${AR}" -C bin/dnssec/ +} + +src_install() { + dodoc README CHANGES FAQ + + cd "${S}"/bin/delv + dobin delv + doman delv.1 + + cd "${S}"/bin/dig + dobin dig host nslookup + doman {dig,host,nslookup}.1 + + cd "${S}"/bin/nsupdate + dobin nsupdate + doman nsupdate.1 + if use doc; then + dohtml nsupdate.html + fi + + cd "${S}"/bin/dnssec + for tool in dsfromkey importkey keyfromlabel keygen \ + revoke settime signzone verify; do + dobin dnssec-"${tool}" + doman dnssec-"${tool}".8 + if use doc; then + dohtml dnssec-"${tool}".html + fi + done +} |