From 611412d9bb570646c5312f0d68c3134619d5b94f Mon Sep 17 00:00:00 2001 From: Christian Ruppert Date: Wed, 9 Sep 2015 21:10:38 +0200 Subject: net-dns/bind-tools: Security bump, bug #559462 - CVE-2015-5722, CVE-2015-5986 Package-Manager: portage-2.2.20.1 --- net-dns/bind-tools/Manifest | 1 + net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild | 125 +++++++++++++++++++++++++ 2 files changed, 126 insertions(+) create mode 100644 net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild diff --git a/net-dns/bind-tools/Manifest b/net-dns/bind-tools/Manifest index 15de6564f82e..9f622242da7e 100644 --- a/net-dns/bind-tools/Manifest +++ b/net-dns/bind-tools/Manifest @@ -1,2 +1,3 @@ DIST bind-9.10.1-P1.tar.gz 8356463 SHA256 974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d SHA512 5fedff46d9cb0ff2544624c6d998f4f4bcd82152730e8e936c2611847fe443018b5c5c1dfb1dc49888dde5e3e30c3814f08369525612f0770575d54a3133ed48 WHIRLPOOL 6f39ff0e15676ed68f6d48d2ec5894b00de5192edbbbff94444f62dcf83e62a1e72019d575da97b6e6cde91b8918da78721c48510dbaad88095d4f2b3af375eb DIST bind-9.10.2-P2.tar.gz 8469608 SHA256 b1e6f0af88634aaf48fb9d06bbf82968264f49b8e2685f061dd3fd4c1ab76c5f SHA512 f59a4e7ef268cd95be9c31b8f908a77b261c76bfad0572608f503175e4e06e69c22ee88f4b6ae9578cd096aa069d9401f76084c7e07b3e98e9dbbb40d535695c WHIRLPOOL 10b035f790a43552b22eed13a98b8dcfdc0cc0614342ae221ce23ba655fb40a46e336cca8575460bf26a792303c6eba61e184ca5deb219372fdd09609b4c9798 +DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db diff --git a/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild new file mode 100644 index 000000000000..965482f66841 --- /dev/null +++ b/net-dns/bind-tools/bind-tools-9.10.2_p4.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils autotools flag-o-matic toolchain-funcs + +MY_PN=${PN//-tools} +MY_PV=${PV/_p/-P} +MY_PV=${MY_PV/_rc/rc} +MY_P="${MY_PN}-${MY_PV}" + +DESCRIPTION="bind tools: dig, nslookup, host, nsupdate, dnssec-keygen" +HOMEPAGE="http://www.isc.org/software/bind" +SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz" + +LICENSE="ISC BSD BSD-2 HPND JNIC RSA openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="doc gost gssapi idn ipv6 readline seccomp ssl urandom xml" +# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 + +REQUIRED_USE="gost? ( ssl )" + +DEPEND="ssl? ( dev-libs/openssl:0 ) + gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] ) + xml? ( dev-libs/libxml2 ) + idn? ( net-dns/idnkit ) + gssapi? ( virtual/krb5 ) + readline? ( sys-libs/readline:0= ) + seccomp? ( sys-libs/libseccomp )" +RDEPEND="${DEPEND} + !> config.h +} + +src_compile() { + local AR=$(tc-getAR) + + emake AR="${AR}" -C lib/ + emake AR="${AR}" -C bin/delv/ + emake AR="${AR}" -C bin/dig/ + emake AR="${AR}" -C bin/nsupdate/ + emake AR="${AR}" -C bin/dnssec/ +} + +src_install() { + dodoc README CHANGES FAQ + + cd "${S}"/bin/delv + dobin delv + doman delv.1 + + cd "${S}"/bin/dig + dobin dig host nslookup + doman {dig,host,nslookup}.1 + + cd "${S}"/bin/nsupdate + dobin nsupdate + doman nsupdate.1 + if use doc; then + dohtml nsupdate.html + fi + + cd "${S}"/bin/dnssec + for tool in dsfromkey importkey keyfromlabel keygen \ + revoke settime signzone verify; do + dobin dnssec-"${tool}" + doman dnssec-"${tool}".8 + if use doc; then + dohtml dnssec-"${tool}".html + fi + done +} -- cgit v1.2.3-65-gdbad