Mailinglist Archive: opensuse-commit (1903 mails)

< Previous Next >
commit bind for openSUSE:Factory
Hello community,

here is the log from the commit of package bind for openSUSE:Factory checked in
at 2019-04-18 13:57:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bind (Old)
and /work/SRC/openSUSE:Factory/.bind.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "bind"

Thu Apr 18 13:57:04 2019 rev:141 rq:694780 version:9.11.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/bind/bind.changes 2018-12-19
13:23:54.769345595 +0100
+++ /work/SRC/openSUSE:Factory/.bind.new.5536/bind.changes 2019-04-18
13:57:38.271979471 +0200
@@ -1,0 +2,6 @@
+Tue Apr 16 10:15:22 UTC 2019 - Navin Kukreja <navin.kukreja@xxxxxxxx>
+
+- Add FIPS patch back into bind (bsc#1128220)
+- File: bind-fix-fips.patch
+
+-------------------------------------------------------------------

New:
----
bind-fix-fips.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ bind.spec ++++++
--- /var/tmp/diff_new_pack.zCCSD0/_old 2019-04-18 13:57:41.387980510 +0200
+++ /var/tmp/diff_new_pack.zCCSD0/_new 2019-04-18 13:57:41.387980510 +0200
@@ -1,7 +1,7 @@
#
# spec file for package bind
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


@@ -83,6 +83,7 @@
Patch54: bind-CVE-2017-3145.patch
Patch55: bug-4697-Restore-workaround-for-Microsoft-Windows-T.patch
Patch56: bind-ldapdump-use-valid-host.patch
+Patch57: bind-fix-fips.patch
BuildRequires: libcap-devel
BuildRequires: libmysqlclient-devel
BuildRequires: libopenssl-devel
@@ -315,6 +316,7 @@
%patch54 -p1
%patch55 -p1
%patch56 -p1
+%patch57 -p1

# use the year from source gzip header instead of current one to make
reproducible rpms
year=$(perl -e 'sysread(STDIN, $h, 8); print
(1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0})


++++++ bind-fix-fips.patch ++++++
Index: bind-9.11.2/lib/dns/opensslgost_link.c
===================================================================
--- bind-9.11.2.orig/lib/dns/opensslgost_link.c
+++ bind-9.11.2/lib/dns/opensslgost_link.c
@@ -578,9 +578,16 @@ dst__opensslgost_init(dst_func_t **funcp

/* check if the gost engine works properly */
e = ENGINE_by_id("gost");
- if (e == NULL)
+ if (e == NULL) {
+ /* In FIPS mode we cannot get the gost engine, even if
+ * openssl and bind was originally built with it. */
+#if 0
return (dst__openssl_toresult2("ENGINE_by_id",
DST_R_OPENSSLFAILURE));
+#endif
+ return (ISC_R_SUCCESS);
+ }
+
if (ENGINE_init(e) <= 0) {
ENGINE_free(e);
e = NULL;


< Previous Next >
This Thread
  • No further messages