blob: 980a5b092a00359d0d0c77bf6659609c08e217bc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
# 2.76-r6:
# - CVE-2017-15107
# 2.76-r5:
# - CVE-2017-14491
# - CVE-2017-14492
# - CVE-2017-14493
# - CVE-2017-14494
# - CVE-2017-14495
# - CVE-2017-14496
#
pkgname=dnsmasq
pkgver=2.76
pkgrel=7
pkgdesc="A lightweight DNS, DHCP, RA, TFTP and PXE server"
url="http://www.thekelleys.org.uk/dnsmasq/"
arch="all"
license="GPL2"
depends="!$pkgname-dnssec"
makedepends="linux-headers nettle-dev"
install="$pkgname.pre-install $pkgname.pre-upgrade"
subpackages="$pkgname-doc $pkgname-dnssec"
source="http://www.thekelleys.org.uk/dnsmasq/$pkgname-$pkgver.tar.gz
CVE-2017-14491.patch
CVE-2017-14492.patch
CVE-2017-14493.patch
CVE-2017-14494.patch
CVE-2017-14496.patch
CVE-2017-14495.patch
CVE-2017-14491-2.patch
$pkgname.initd
$pkgname.confd
uncomment-conf-dir.patch
CVE-2017-15107.patch
"
builddir="$srcdir/$pkgname-$pkgver"
build() {
cd "$builddir"
make CFLAGS="$CFLAGS" COPTS="-DHAVE_DNSSEC" all || return 1
mv src/dnsmasq src/dnsmasq~dnssec || return 1
make CFLAGS="$CFLAGS" clean all
}
# dnsmasq doesn't provide any test suite (shame on them!), so just check that
# the binary isn't totally broken...
check() {
cd "$builddir"
./src/dnsmasq --help >/dev/null
}
package() {
cd "$builddir"
make PREFIX=/usr DESTDIR="$pkgdir" install || return 1
install -D -m755 "$srcdir"/$pkgname.initd \
"$pkgdir"/etc/init.d/$pkgname || return 1
install -D -m644 "$srcdir"/$pkgname.confd \
"$pkgdir"/etc/conf.d/$pkgname || return 1
install -m644 dnsmasq.conf.example "$pkgdir"/etc/dnsmasq.conf || return 1
install -d -m755 "$pkgdir"/etc/dnsmasq.d
}
dnssec() {
pkgdesc="$pkgdesc with DNSSEC support"
depends="!$pkgname"
cd "$builddir"
install -D -m 755 src/dnsmasq~dnssec \
"$subpkgdir"/usr/sbin/dnsmasq || return 1
install -D -m 644 trust-anchors.conf \
"$subpkgdir"/usr/share/$pkgname/trust-anchors.conf || return 1
cp -r "$pkgdir"/etc "$subpkgdir"/etc
}
sha512sums="c22627a8d864671096d3b3428ec4f879b513e1f1e7f79be3ab89444c56234e748fbfa6b6b4f9e521984fea95d363f4aa2ca6243f0dfc12ffb74bed0648ae21c5 dnsmasq-2.76.tar.gz
aa82a4d07f22dfc4913aaefb678890b0523f89f5283b1bab97c9e8540aafaa3be436a205f4e442c51336209e81e6236325ede5f1d5ba0de671bb1cbcd8979a14 CVE-2017-14491.patch
a3fbde8c902ccab61b279f6977dddc46c7e2ae9c5cd2c9e0b297bbbe2965cd9a5d254bc4a0fcabc53db0dc3e945f77f85ffd798c2d181c8c0ad48391754f3781 CVE-2017-14492.patch
083ce54a4e1a41f60302cdd3f353f1ba9ea84a3f474d1ce0b9f2d88c14c36bb83a314775260b83788f89866575199391d2f40b773224798bdd4ad09f847e20b1 CVE-2017-14493.patch
3aed0e80eb1d0bcc1639e83668ac49fced2681d907ab70a00ded50fb987cc2ade6f264016877666075b8a9efc542df57badbe4e1aa89d60b792a13c00029041a CVE-2017-14494.patch
d63f2ed7b34796ff42891813084c56df1ce7e7da1ea2485a029b8c7b5dfda2110fdf8c217564a77571562a9b4778e777f9dec6de8c1e9ffb52f6e85fb6cc566c CVE-2017-14496.patch
d3ffcd4451a52930a9499047559853f7a3b653a26254d3abeb972dd9ed663c406db3cc415cf5b3d5eeb44e37ff21573eaa6bc92415e8e97d13ff9890c4a0683f CVE-2017-14495.patch
ae665e0545038f1660eb8b67db71b403a3bdcc1b6915438f6e0eaec5c0d7c43dc49b72bb68c2204882d3c2fd280313ee2035a699ff2308d23e8ade65ef87a323 CVE-2017-14491-2.patch
af841b23b123618c80e736776590a983f744a65b71ae90ac9aea48988e9f2f6527710540bffad2470f22f46ff75af304829332aadfd7084e87763f08575ecf29 dnsmasq.initd
9a401bfc408bf1638645c61b8ca734bea0a09ef79fb36648ec7ef21666257234254bbe6c73c82cc23aa1779ddcdda0e6baa2c041866f16dfb9c4e0ba9133eab8 dnsmasq.confd
d01077f39e1240041a6700137810f254daf683b2d58dafecb6b162e94d694992e57d45964a57993b298f97c2b589eedcf9fb1506692730a38b7f06b5f55ba8d8 uncomment-conf-dir.patch
289270b10bb85bf310adf82bb49e919afd86cb82b742dce5213bf446e047793dbb86af29cda01356426b4d1c10669e0586940c59c9f96b324bc7a45e3a2f386b CVE-2017-15107.patch"
|
