guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

05/05: gnu: bind: Update to 9.19.21 [security fixes].

From: guix-commits
Subject: 05/05: gnu: bind: Update to 9.19.21 [security fixes].
Date: Wed, 28 Feb 2024 15:38:15 -0500 (EST) 
podiki pushed a commit to branch master
in repository guix.

commit 23283c50e96d7812a42b1272329fa3ba05a5a6e6
Author: John Kehayias <john.kehayias@protonmail.com>
AuthorDate: Wed Feb 28 15:22:37 2024 -0500

    gnu: bind: Update to 9.19.21 [security fixes].
    
    The current release fixes CVE-2023-50387 and other security issues.  
Previous
    releases fix many other security issues.
    
    * gnu/packages/dns.scm (bind): Update to 9.19.21.
    [source]: Remove 'patches' field.
    * gnu/packages/patches/bind-re-add-attr-constructor-priority.patch: Remove.
    * gnu/local.mk (dist_patch_DATA): Remove it.
    
    Reported-by: Felix Lechner <felix.lechner@lease-up.com>
    Change-Id: I2415de88f16d9c952a1adcee5219980a3a19bb59
---
 gnu/local.mk                                       |  1 -
 gnu/packages/dns.scm                               |  8 +--
 .../bind-re-add-attr-constructor-priority.patch    | 57 ----------------------
 3 files changed, 4 insertions(+), 62 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 208d74ef3e..1e3433d96d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -979,7 +979,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/bazaar-CVE-2017-14176.patch             \
   %D%/packages/patches/bc-fix-cross-compilation.patch          \
   %D%/packages/patches/bdb-5.3-atomics-on-gcc-9.patch          \
-  %D%/packages/patches/bind-re-add-attr-constructor-priority.patch     \
   %D%/packages/patches/brightnessctl-elogind-support.patch     \
   %D%/packages/patches/bsd-games-2.17-64bit.patch              \
   %D%/packages/patches/bsd-games-add-configure-config.patch    \
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 90a0fdf9de..84d3293c79 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -337,23 +337,23 @@ and BOOTP/TFTP for network booting of diskless machines.")
     ;; When updating, check whether isc-dhcp's bundled copy should be as well.
     ;; The BIND release notes are available here:
     ;; https://www.isc.org/bind/
-    (version "9.16.38")
+    (version "9.19.21")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://ftp.isc.org/isc/bind9/"; version
                            "/bind-" version ".tar.xz"))
        (sha256
-        (base32 "03y52iyc2g63lkk9x2vaizpr0jv27g1z6mcxnjw8m8l4kaflrx4d"))
-       (patches
-        (search-patches "bind-re-add-attr-constructor-priority.patch"))))
+        (base32 "133f1aq8acaz9z03cl0gcrj4pq0hqm6c3sm4hz67d37phndsjs1b"))))
     (build-system gnu-build-system)
     (outputs `("out" "utils"))
     (inputs
      ;; It would be nice to add GeoIP and gssapi once there are packages.
      (list libcap
+           liburcu
            libuv
            libxml2
+           `(,nghttp2 "lib")
            openssl
            p11-kit
            python
diff --git a/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch 
b/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch
deleted file mode 100644
index 33e4f183f6..0000000000
--- a/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 6361de07a35f2e9dc1d7201d6b26ca31da93ee69 Mon Sep 17 00:00:00 2001
-From: Tobias Geerinckx-Rice <me@tobias.gr>
-Date: Thu, 9 Dec 2021 01:07:32 +0100
-Subject: [PATCH] Revert "Remove priority from attribute
- constructor/destructor"
-
-This reverts commit 0340df46ec5897636dd071bc8b5c4272cfa7d7be.  It works
-around an irrelevant operating system and breaks compilation on Guix:
-
-mem.c:873: fatal error: RUNTIME_CHECK(((pthread_mutex_lock(((&contextslock))) 
== 0) ? 0 : 34) == 0) failed
-/gnu/store/…-bash-minimal-5.0.16/bin/bash: line 1: 13768 Aborted               
  ./${fuzzer}
-
-Let's simply revert it for now---there are securities at stake!
----
- lib/isc/include/isc/util.h | 8 ++++----
- lib/isc/lib.c              | 4 ++--
- 2 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h
-index f0f7f85fa4..64c26587ac 100644
---- a/lib/isc/include/isc/util.h
-+++ b/lib/isc/include/isc/util.h
-@@ -49,11 +49,11 @@
- #endif /* __GNUC__ */
- 
- #if HAVE_FUNC_ATTRIBUTE_CONSTRUCTOR && HAVE_FUNC_ATTRIBUTE_DESTRUCTOR
--#define ISC_CONSTRUCTOR __attribute__((constructor))
--#define ISC_DESTRUCTOR        __attribute__((destructor))
-+#define ISC_CONSTRUCTOR(priority) __attribute__((constructor(priority)))
-+#define ISC_DESTRUCTOR(priority)  __attribute__((destructor(priority)))
- #elif WIN32
--#define ISC_CONSTRUCTOR
--#define ISC_DESTRUCTOR
-+#define ISC_CONSTRUCTOR(priority)
-+#define ISC_DESTRUCTOR(priority)
- #endif
- 
- /*%
-diff --git a/lib/isc/lib.c b/lib/isc/lib.c
-index f3576b2659..2a167fec21 100644
---- a/lib/isc/lib.c
-+++ b/lib/isc/lib.c
-@@ -35,9 +35,9 @@ isc_lib_register(void) {
- }
- 
- void
--isc__initialize(void) ISC_CONSTRUCTOR;
-+isc__initialize(void) ISC_CONSTRUCTOR(101);
- void
--isc__shutdown(void) ISC_DESTRUCTOR;
-+isc__shutdown(void) ISC_DESTRUCTOR(101);
- 
- void
- isc__initialize(void) {
--- 
-2.34.0
-
reply via email to
[Prev in Thread] Current Thread [Next in Thread]