Update to 9.14.3.

MFH: 2019Q2 (security blanket) Security: CVE-2019-6471
svn path=/head/; revision=504596
2024-10-19 19:59:43 +00:00 · 2019-06-19 22:42:50 +00:00 · 2019-06-19 22:42:50 +00:00 · 77b718fdac · 2021-03-31 03:12:20 +00:00
commit 77b718fdac
parent 7340eb9e3c
4 changed files with 9 additions and 44 deletions
--- a/dns/bind914/Makefile
+++ b/dns/bind914/Makefile
@ -8,7 +8,7 @@ PORTVERSION=	${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
 PORTREVISION=	0
 .else
 # dns/bind914 here
-PORTREVISION=	2
+PORTREVISION=	0
 .endif
 CATEGORIES=	dns net ipv6
 MASTER_SITES=	ISC/bind9/${ISCVERSION}
@ -36,7 +36,7 @@ RUN_DEPENDS=	bind-tools>0:dns/bind-tools

 USES=	compiler:c11 cpe libedit pkgconfig ssl
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.14.2
+ISCVERSION=	9.14.3

 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
--- a/dns/bind914/distinfo
+++ b/dns/bind914/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1557990570
-SHA256 (bind-9.14.2.tar.gz) = 0e4027573726502ec038db3973a086c02508671723a4845e21da1769a5c27f0c
-SIZE (bind-9.14.2.tar.gz) = 6263879
+TIMESTAMP = 1560947468
+SHA256 (bind-9.14.3.tar.gz) = ce878aabcf01b61ed114522c32fff9e268b02da55b3c248349860bc3d0c8bdfa
+SIZE (bind-9.14.3.tar.gz) = 6258311
--- a/dns/bind914/files/patch-configure
+++ b/dns/bind914/files/patch-configure
@ -1,6 +1,6 @@
--- configure.orig	2019-05-10 04:51:34 UTC
+--- configure.orig	2019-06-04 15:20:04 UTC
 +++ configure
-@@ -16320,27 +16320,9 @@ done
+@@ -16347,27 +16347,9 @@ done
 		# problems start to show up.
 		saved_libs="$LIBS"
 		for TRY_LIBS in \
@ -30,7 +30,7 @@
 		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
 $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
 		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -16383,47 +16365,7 @@ $as_echo "no" >&6; } ;;
+@@ -16410,47 +16392,7 @@ $as_echo "no" >&6; } ;;
 		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
 		esac
 
@ -79,7 +79,7 @@
 		DNS_GSSAPI_LIBS="$LIBS"
 
 		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -20927,7 +20869,7 @@ $as_echo "" >&6; }
+@@ -20960,7 +20902,7 @@ $as_echo "" >&6; }
 			# Check other locations for includes.
 			# Order is important (sigh).
 
--- a/dns/bind914/files/patch-lib_isc_unix_socket.c
+++ b/dns/bind914/files/patch-lib_isc_unix_socket.c
@ -1,35 +0,0 @@
-From e517c18d98c248e891558ce5194e3663d244f956 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Witold=20Kr=C4=99cicki?= <wpk@isc.org>
-Date: Fri, 31 May 2019 10:40:52 +0200
-Subject: [PATCH 1/2] Fix a possible race between udp dispatch and socket code
-
-There's a small possibility of race between udp dispatcher and
-socket code - socket code can still hold internal reference to a
-socket while dispatcher calls isc_socket_open, which can cause
-an assertion failure. Fix it by relaxing the assertion test, and
-instead simply locking the socket in isc_socket_open.
-
--- lib/isc/unix/socket.c.orig	2019-05-10 04:51:34 UTC
-+++ lib/isc/unix/socket.c
-@@ -2598,15 +2598,16 @@ isc_socket_open(isc_socket_t *sock0) {
- 
- 	REQUIRE(VALID_SOCKET(sock));
- 
-	REQUIRE(isc_refcount_current(&sock->references) == 1);
-	/*
-	 * We don't need to retain the lock hereafter, since no one else has
-	 * this socket.
-	 */
-+	LOCK(&sock->lock);
-+
-+	REQUIRE(isc_refcount_current(&sock->references) >= 1);
- 	REQUIRE(sock->fd == -1);
- 	REQUIRE(sock->threadid == -1);
- 
- 	result = opensocket(sock->manager, sock, NULL);
-+
-+	UNLOCK(&sock->lock);
-+
- 	if (result != ISC_R_SUCCESS) {
- 		sock->fd = -1;
- 	} else {