diff options
| author | Leo <thinkabit.ukim@gmail.com> | 2019-08-17 22:28:06 -0300 |
|---|---|---|
| committer | Kevin Daudt <kdaudt@alpinelinux.org> | 2019-08-18 10:54:28 +0000 |
| commit | 16b7234d95adf0e83952001d0348d83a134e461e (patch) | |
| tree | afd6d0b6cb154b9a1c2c5e0e10c8d20641f65a6f /main/ldns | |
| parent | ad8a9329f93ebdff74253e18d488199c27d60c19 (diff) | |
| download | aports-16b7234d95adf0e83952001d0348d83a134e461e.tar.bz2 aports-16b7234d95adf0e83952001d0348d83a134e461e.tar.xz | |
main/ldns: upgrade to 1.7.1
Closes GH-10156
Diffstat (limited to 'main/ldns')
| -rw-r--r-- | main/ldns/APKBUILD | 43 | ||||
| -rw-r--r-- | main/ldns/CVE-2017-1000231.patch | 25 | ||||
| -rw-r--r-- | main/ldns/CVE-2017-1000232.patch | 27 |
3 files changed, 19 insertions, 76 deletions
diff --git a/main/ldns/APKBUILD b/main/ldns/APKBUILD index b45853fb9b..0779d20597 100644 --- a/main/ldns/APKBUILD +++ b/main/ldns/APKBUILD @@ -1,27 +1,22 @@ # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ldns -pkgver=1.7.0 -pkgrel=2 +pkgver=1.7.1 +pkgrel=0 pkgdesc="Lowlevel DNS(SEC) library" url="http://nlnetlabs.nl/projects/ldns/" arch="all" license="Custom" -depends= depends_dev="openssl-dev" makedepends="$depends_dev libpcap-dev perl" -install="" subpackages="$pkgname-dev $pkgname-doc drill $pkgname-tools" -source="https://nlnetlabs.nl/downloads/ldns/ldns-$pkgver.tar.gz - CVE-2017-1000231.patch - CVE-2017-1000232.patch" +source="https://nlnetlabs.nl/downloads/ldns/ldns-$pkgver.tar.gz" # secfixes: # 1.7.0-r1: # - CVE-2017-1000231 # - CVE-2017-1000232 -builddir="$srcdir"/ldns-$pkgver build() { cd "$builddir" ./configure \ @@ -43,21 +38,23 @@ package() { cd "$builddir" make DESTDIR="$pkgdir" install + rm -f "$pkgdir"/usr/lib/*.a + mkdir -p "$pkgdir"/usr/lib/pkgconfig - cat > "$pkgdir"/usr/lib/pkgconfig/libldns.pc<<EOF -prefix=/usr -exec_prefix=\${prefix} -libdir=\${exec_prefix}/lib -includedir=\${prefix}/include + cat > "$pkgdir"/usr/lib/pkgconfig/libldns.pc<<-EOF + prefix=/usr + exec_prefix=\$prefix + libdir=\$exec_prefix/lib + includedir=\$prefix/include -Name: ldns -Description: Library for DNS programming -URL: http://www.nlnetlabs.nl/projects/ldns -Version: $pkgver -Requires.private: libcrypto -Libs: -L\${libdir} -lldns -Libs.private: -lcrypto -Cflags: -I\${includedir} + Name: ldns + Description: Library for DNS programming + URL: http://www.nlnetlabs.nl/projects/ldns + Version: $pkgver + Requires.private: libcrypto + Libs: -L\${libdir} -lldns + Libs.private: -lcrypto + Cflags: -I\$includedir EOF } @@ -73,6 +70,4 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -sha512sums="8a4e48bcc2a244b92447a9830b60efbb656fb7955f3559ef2eb6f8e724c4c0208776350c44ccf7dcf1ffe0b7b9d9ccc4cbddc5bc16e8888db494ab4d0bce3bd8 ldns-1.7.0.tar.gz -51c54a8bc60b18ca90111fceb86873609401c901345851ad44f6be2437f3700ccdcff502e5bfefa9da327b7f0739e644edbbfbce8afc1c19eda97663a04c02a1 CVE-2017-1000231.patch -00e547359dd2bf9498dfe7bdb236fb6327ca972356ea089e415cdf21dbae49555cd32b09f27226c1f7aea7e3e1b94cce3e3750c595080aa182fe1790a1f5a5ff CVE-2017-1000232.patch" +sha512sums="e8f72a4ff4aa544acac5e7be9a8ba38c6b8d388bb26f9a0ed04c1a921622f8582cc8539beafc76a29187a55c94069b7c1875e77522e1a7e7bb3e297dd1e4c2b7 ldns-1.7.1.tar.gz" diff --git a/main/ldns/CVE-2017-1000231.patch b/main/ldns/CVE-2017-1000231.patch deleted file mode 100644 index b6898b5816..0000000000 --- a/main/ldns/CVE-2017-1000231.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 99dfbbc328f75df60d52f8a578545017dd98c475 Mon Sep 17 00:00:00 2001 -From: Willem Toorop <willem@nlnetlabs.nl> -Date: Thu, 27 Apr 2017 00:14:58 +0200 -Subject: [PATCH] Check parse limit before t increment - -Thanks Stephan Zeisberg ---- - parse.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/parse.c b/parse.c -index e68627c2..947dbb89 100644 ---- a/parse.c -+++ b/parse.c -@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li - if (line_nr) { - *line_nr = *line_nr + 1; - } -+ if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) { -+ *t = '\0'; -+ return -1; -+ } - *t++ = ' '; - prev_c = c; - continue; diff --git a/main/ldns/CVE-2017-1000232.patch b/main/ldns/CVE-2017-1000232.patch deleted file mode 100644 index d36738ca22..0000000000 --- a/main/ldns/CVE-2017-1000232.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f5bae2bf02aa0d8a38e02e14f27e3c4dee15077d Mon Sep 17 00:00:00 2001 -From: Willem Toorop <willem@nlnetlabs.nl> -Date: Thu, 27 Apr 2017 00:25:20 +0200 -Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size - -Thanks Stephan Zeisberg ---- - str2host.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/str2host.c b/str2host.c -index c396f547..c3afba1d 100644 ---- a/str2host.c -+++ b/str2host.c -@@ -1496,8 +1496,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str) - if (! str) { - return LDNS_STATUS_SYNTAX_BAD_ESCAPE; - } -- length = (size_t)(dp - data); -- -+ if (!(length = (size_t)(dp - data))) { -+ LDNS_FREE(data); -+ return LDNS_STATUS_SYNTAX_EMPTY; -+ } - /* Lose the overmeasure */ - data = LDNS_XREALLOC(dp = data, uint8_t, length); - if (! data) { |