Page MenuHomeSolus

Update bind-utils to 9.11.2-P1
ClosedPublic

Authored by sunnyflunk on Jul 8 2017, 12:43 PM.

Details

Summary

Full changelog available here
Resolves CVE-2017-3145, denial-of-service vector which can potentially be
exploited against ISC BIND servers, causing them to crash.

Packaging:
Add nsupdate, invalidates T3179, ref task T1901.

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan
  • nslookup solus-project.com : ok
  • host solus-project.com : ok
  • dig : ok

Diff Detail

Repository
R431 bind-utils
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

kyrios123 created this revision.Jul 8 2017, 12:43 PM
curantes added a subscriber: curantes.EditedJul 9 2017, 5:47 PM

@kyrios123: Noticed no one got to my patch ealier for bind. Could you please just add my changes to your patch and I can close mine.

Please take a look at: D516

One of the important part is the license change from ISC to MPL-2.0

ATM patch review is falling behind on account of the whole 2-job thing. This'll become markedly easier at the end of the week, sorry.

In D563#8220, @ikey wrote:

ATM patch review is falling behind on account of the whole 2-job thing. This'll become markedly easier at the end of the week, sorry.

No worries, I understand just its sometime gets a bunch of dubplicates patches and its hard to keep track of all of them.

I really wish Phabricator would list the target repo for the patch in the main patches view..
Once I do go full time my first goals will be greatly reducing the backlog on the tracker with daily bugs + patches work,
so we'll get to a point where we only have a few patches floating around at any one time.

kyrios123 planned changes to this revision.Jul 9 2017, 6:10 PM
In D563#8216, @curantes wrote:

@kyrios123: Noticed no one got to my patch ealier for bind. Could you please just add my changes to your patch and I can close mine.
Please take a look at: D516
One of the important part is the license change from ISC to MPL-2.0

Sorry @curantes I saw your patch submission, but a most recent version was already in the repo so I started from there.
If you want you can update this diff with your change arc diff --update D563 or I'll update it myself later today or tomorrow.

kyrios123 updated this revision to Diff 1245.Jul 9 2017, 7:02 PM

Change license from ISC to MPL-2.0, thanks @curantes !

kyrios123 updated this revision to Diff 1575.Jul 30 2017, 10:00 AM
kyrios123 retitled this revision from Update bind-utils to 9.11.1_p3 to Update bind-utils to 9.11.2.
kyrios123 edited the summary of this revision. (Show Details)

Bump to 9.11.2

@kyrios123 please add nsupdate bin to your revision to fix T3179

package.yml
20–21

please add a line with

%make -C bin/nsupdate

This fixes T3179

23–24

please also add a line to install nsupdate at the end of install section.

this fixes T3179

%make_install -C bin/nsupdate
kyrios123 updated this revision to Diff 1834.Aug 18 2017, 9:58 AM
kyrios123 edited the summary of this revision. (Show Details)
kyrios123 added a task: T1901: SSSD.
kyrios123 added a subscriber: rigrassm.

Apply the changes of @rigrassm in T3179 as pre-requisite for T1901.

PS: @curantes in such cases, do not hesitate to update my diff or even to commandeer it. Thanks for the notification! :)

sunnyflunk commandeered this revision.Jan 17 2018, 12:41 AM
sunnyflunk added a reviewer: kyrios123.
sunnyflunk added a subscriber: sunnyflunk.

Want to get the nsupdate changes with the new update

sunnyflunk updated this revision to Diff 4643.Jan 17 2018, 1:16 AM
sunnyflunk retitled this revision from Update bind-utils to 9.11.2 to Update bind-utils to 9.11.2-P1.
sunnyflunk edited the summary of this revision. (Show Details)

Add CVE details

This revision was automatically updated to reflect the committed changes.