![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community, here is the log from the commit of package bind for openSUSE:Factory checked in at 2013-03-28 13:09:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bind (Old) and /work/SRC/openSUSE:Factory/.bind.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "bind", Maintainer is "max@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/bind/bind.changes 2012-12-07 14:06:49.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.bind.new/bind.changes 2013-03-28 13:10:01.000000000 +0100 @@ -1,0 +2,13 @@ +Wed Mar 27 12:33:34 UTC 2013 - meissner@suse.com + +- Updated to 9.9.2-P2 (bnc#811876) + Fix for: https://kb.isc.org/article/AA-00871 CVE-2013-2266 + + * Security Fixes + Removed the check for regex.h in configure in order to disable regex + syntax checking, as it exposes BIND to a critical flaw in libregex + on some platforms. [RT #32688] + +- added gpg key source verification + +------------------------------------------------------------------- Old: ---- bind-9.9.2-P1.tar.gz New: ---- bind-9.9.2-P2.tar.gz bind-9.9.2-P2.tar.gz.asc bind.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bind.spec ++++++ --- /var/tmp/diff_new_pack.QfIuKI/_old 2013-03-28 13:10:14.000000000 +0100 +++ /var/tmp/diff_new_pack.QfIuKI/_new 2013-03-28 13:10:14.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package bind # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ Name: bind %define pkg_name bind -%define pkg_vers 9.9.2-P1 +%define pkg_vers 9.9.2-P2 BuildRequires: krb5-devel BuildRequires: libcap BuildRequires: libcap-devel @@ -44,6 +44,9 @@ PreReq: %fillup_prereq %insserv_prereq bind-utils /bin/grep /bin/sed /bin/mkdir /usr/bin/tee /bin/chmod /bin/chown /bin/mv /bin/cat /usr/bin/dirname /usr/bin/diff /usr/bin/old /usr/sbin/groupadd /usr/sbin/useradd /usr/sbin/usermod Url: http://isc.org/sw/bind/ Source: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz +Source3: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz.asc +# from http://www.isc.org/about/openpgp/ ... changes yearly apparently. +Source4: %name.keyring Source1: vendor-files.tar.bz2 Source2: baselibs.conf Source9: ftp://ftp.internic.net/domain/named.root @@ -56,6 +59,9 @@ Patch52: named-bootconf.diff Patch100: configure.in.diff2 Patch110: workaround-compile-problem.diff +%if 0%{?suse_version} > 1220 +BuildRequires: gpg-offline +%endif # Rate limiting patch by Paul Vixie et.al. for reflection DoS protection # see http://www.redbarn.org/dns/ratelimits @@ -185,6 +191,9 @@ Name Domain (BIND) DNS server is found in the package named bind. %prep +%if 0%{?suse_version} > 1220 +%gpg_verify %{S:3} +%endif %setup -q -n %{pkg_name}-%{pkg_vers} #%setup -n %{pkg_name}-%{version} -T -D -a1 -a50 %setup -q -n %{pkg_name}-%{pkg_vers} -T -D -a1 ++++++ bind-9.9.2-P1.tar.gz -> bind-9.9.2-P2.tar.gz ++++++ /work/SRC/openSUSE:Factory/bind/bind-9.9.2-P1.tar.gz /work/SRC/openSUSE:Factory/.bind.new/bind-9.9.2-P2.tar.gz differ: char 5, line 1 ++++++ named.root ++++++ --- /var/tmp/diff_new_pack.QfIuKI/_old 2013-03-28 13:10:14.000000000 +0100 +++ /var/tmp/diff_new_pack.QfIuKI/_new 2013-03-28 13:10:14.000000000 +0100 @@ -9,8 +9,8 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: Jun 8, 2011 -; related version of root zone: 2011060800 +; last update: Jan 3, 2013 +; related version of root zone: 2013010300 ; ; formerly NS.INTERNIC.NET ; @@ -31,7 +31,7 @@ ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. -D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D ; ; FORMERLY NS.NASA.GOV -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de