diff options
Diffstat (limited to 'net-dns/pdns-recursor')
-rw-r--r-- | net-dns/pdns-recursor/Manifest | 6 | ||||
-rw-r--r-- | net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch | 47 | ||||
-rw-r--r-- | net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch | 28 | ||||
-rw-r--r-- | net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild (renamed from net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild) | 4 |
4 files changed, 2 insertions, 83 deletions
diff --git a/net-dns/pdns-recursor/Manifest b/net-dns/pdns-recursor/Manifest index 8f3f572b6337..8422aa5035e2 100644 --- a/net-dns/pdns-recursor/Manifest +++ b/net-dns/pdns-recursor/Manifest @@ -1,8 +1,6 @@ -AUX CVE-2017-15093-4.0.6.patch 1581 BLAKE2B b3604c997b30805bf883879a65e30a96bfeef52eb04fbe7b741c2a41884134c145059359daed0db7d419eadc76909366d19af719a1cb0a978319028c6cbb4614 SHA512 e367895d54c0fe989812195bef0e904c79e16d5bcb1239b074e9587d0e69bab2ae4d675a74c485179c5bb3d4e18fd1f8d505bae0ef1dc72b3a649db596f8c222 -AUX CVE-2017-15094-4.0.6.patch 1031 BLAKE2B 7be45cc770e92fb156b563e32855576ec79f230edd751e14d5bb6b55b859a83acfb9cad30f1e4dace94c316895241a2da2f46e9335b1f3138b4cbd535e62131f SHA512 164370b3667fbe8f19c55068a5d250651ef9873df05d4516f093f98a9bd8f1cd48e95530b2e8cca3b5c54c26bdde8718d7dcd739c922c8d25ac25d2418642393 AUX pdns-recursor-r1 1135 BLAKE2B 90f28d33c126882e5b5e29209ec12f336797720832f7750262329cc5d47fefdf8bcb5208807e47638037a704abbbebd0ee2b1380a3d1d54feab6d4900c250176 SHA512 9dce3cd454ed6b61af8d70c90a8464c60d16eb8342ffc46558f5dcc5089c77aff4581f208684ddb25c4512ce6f39c54afaf267dcade667d812511ae3fa3a1f48 DIST pdns-recursor-4.0.7.tar.bz2 1107546 BLAKE2B 3ccda73878599e3ade69e4dc6b0787e588a8403fb7cacfbe574409513b8723cbfd29a3c73d857120def801da60a4bedbc0f0c396e6642adb0287204cde301331 SHA512 0c8873adcce5ed9b41f161bc71635da23496b4ae48dbffff7dcdf9c5181e720f9aa94e18bd64e0dff9fa03eae8410dc93585a74d13f0c16d38b0d1c0f4146bb2 -DIST pdns-recursor-4.1.0-rc3.tar.bz2 1191353 BLAKE2B fcbc6f08f962c9c2f459448770406734eff2caab43b615690e9d910b65327e45182aa2c9bcadadeaa6eb3984a8cb463849d5e001ffb98bb618966da5b8557a8a SHA512 141e3fcbf5e7c81ae0228fb7a15c599ef5ae41e2c2d169e2f7b4f57c6c832ac40d3e20302d219ba565c4a514b1297906684247a1a56cd740e3ea0bff4a7da51d +DIST pdns-recursor-4.1.0.tar.bz2 1222751 BLAKE2B b2b5a7dee227b28eb3a1451a4d07cb1804e039e6b405c332f30fbb8df39f395906607f3c074b2469b01885b702d12e86e4ffd6114811404134c16956905c744f SHA512 1e4d70f3794005c3f45b2ec0ab580c3697e7de3096f3378b9b9d1cd53f10f95e577522ca9f634eb235b166f007e8a2bfa99f312ddf19f266ad4bb0965167fd7c EBUILD pdns-recursor-4.0.7.ebuild 1698 BLAKE2B bf67849d5f47c1f0d148596aea3fbc4268ad6696761f76f7fdb3b3b574708b01a464f12ae2a6c1df8979d60ec0cb877542dbf927af91bb2709e4510ce675a691 SHA512 358312b26fad4c6f2c473b7756f9c6d71c77045d6c7d0e92a10555848bc1643d9fc59454f61f8286d0891d181a1f6b20eeae055598dc7b150ba06faa0af44650 -EBUILD pdns-recursor-4.1.0_rc3-r1.ebuild 1889 BLAKE2B e8a915231e5cdaf6cfcd64d4e78a56b183cb7a37a41262c275d203d00b62de05a8975aa7574ec46ccc089aeeeeafa497b6755a344e718bf9d2db75dd5d09f635 SHA512 216143fbd3c7c869ec09f0bc0fc0785d8f5ca2335c53028d8942cf97e3b25aa0cfc08921130589f97ebea642ba505b908a126921bea60f095d377d4f44453227 +EBUILD pdns-recursor-4.1.0.ebuild 1826 BLAKE2B 07f2d1113ff90503c702e1306f0d9ef87573a04b86f4eeb94dd51be8da29158e4cab390f1a57cc2066760c621e1c87413c0be265c9cd5a94443cce100227c654 SHA512 ab9825a07f4057d8f1a33a5162d0a76f01b55383e62647a9756ea1796405d5f92ad5cc254e2ef3c0ce849cf06a5ffa83519cce8af25ad7874c5c7b510d0929b6 MISC metadata.xml 1076 BLAKE2B 4f68267d5dfcf3cff38f306f440ed2e9a7f5193c14c1029bcfcbbfca4f8f310c94969001c781e1b78a14cec2a6e313e44d82bebbd9694fe46f97759372e63711 SHA512 374be5aa98c4bab340d8d63c859ab08a392e926fbb4d55e1f5a2967d41c401d13d5e8d5997c0790c3b8f96662b56e4492343248d7c8e0a067dc7eaf3f4b56e95 diff --git a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch deleted file mode 100644 index 2695830b4420..000000000000 --- a/net-dns/pdns-recursor/files/CVE-2017-15093-4.0.6.patch +++ /dev/null @@ -1,47 +0,0 @@ -diff -ru pdns-recursor-4.0.6.orig/ws-recursor.cc pdns-recursor-4.0.6/ws-recursor.cc ---- pdns-recursor-4.0.6.orig/ws-recursor.cc 2017-07-04 17:43:07.000000000 +0200 -+++ pdns-recursor-4.0.6/ws-recursor.cc 2017-11-02 18:13:55.762458134 +0100 -@@ -76,10 +76,11 @@ - throw ApiException("'value' must be an array"); - } - -+ NetmaskGroup nmg; - for (auto value : jlist.array_items()) { - try { -- Netmask(value.string_value()); -- } catch (NetmaskException &e) { -+ nmg.addMask(value.string_value()); -+ } catch (const NetmaskException &e) { - throw ApiException(e.reason); - } - } -@@ -91,9 +92,7 @@ - - // Clear allow-from, and provide a "parent" value - ss << "allow-from=" << endl; -- for (auto value : jlist.array_items()) { -- ss << "allow-from+=" << value.string_value() << endl; -- } -+ ss << "allow-from+=" << nmg.toString() << endl; - - apiWriteConfigFile("allow-from", ss.str()); - -@@ -201,10 +200,15 @@ - if (server == "") { - throw ApiException("Forwarded-to server must not be an empty string"); - } -- if (!serverlist.empty()) { -- serverlist += ";"; -+ try { -+ ComboAddress ca = parseIPAndPort(server, 53); -+ if (!serverlist.empty()) { -+ serverlist += ";"; -+ } -+ serverlist += ca.toStringWithPort(); -+ } catch (const PDNSException &e) { -+ throw ApiException(e.reason); - } -- serverlist += server; - } - if (serverlist == "") - throw ApiException("Need at least one upstream server when forwarding"); diff --git a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch b/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch deleted file mode 100644 index ee7cf6878d98..000000000000 --- a/net-dns/pdns-recursor/files/CVE-2017-15094-4.0.6.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -ru pdns-recursor-4.0.6.orig/opensslsigners.cc pdns-recursor-4.0.6/opensslsigners.cc ---- pdns-recursor-4.0.6.orig/opensslsigners.cc 2017-07-04 17:43:07.000000000 +0200 -+++ pdns-recursor-4.0.6/opensslsigners.cc 2017-11-02 18:18:37.489408103 +0100 -@@ -474,7 +474,7 @@ - if (iqmp == NULL) { - RSA_free(key); - BN_clear_free(dmq1); -- BN_clear_free(iqmp); -+ BN_clear_free(dmp1); - throw runtime_error(getName()+" allocation of BIGNUM iqmp failed"); - } - RSA_set0_crt_params(key, dmp1, dmq1, iqmp); -@@ -562,6 +562,7 @@ - BIGNUM *n = BN_bin2bn((unsigned char*)modulus.c_str(), modulus.length(), NULL); - if (!n) { - RSA_free(key); -+ BN_clear_free(e); - throw runtime_error(getName()+" error loading n value of public key"); - } - -@@ -866,6 +867,7 @@ - - int ret = EC_POINT_oct2point(d_ecgroup, pub_key, (unsigned char*) ecdsaPoint.c_str(), ecdsaPoint.length(), d_ctx); - if (ret != 1) { -+ EC_POINT_free(pub_key); - throw runtime_error(getName()+" reading ECP point from binary failed"); - } - diff --git a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild index 224ae2f7537a..346091e0ec16 100644 --- a/net-dns/pdns-recursor/pdns-recursor-4.1.0_rc3-r1.ebuild +++ b/net-dns/pdns-recursor/pdns-recursor-4.1.0.ebuild @@ -33,10 +33,6 @@ DEPEND="${DEPEND} S="${WORKDIR}"/${P/_/-} -PATCHES=( - "${FILESDIR}"/CVE-2017-{15093,15094}-4.0.6.patch -) - pkg_setup() { filter-flags -ftree-vectorize } |