Update to 9.13.4.

author: Mathieu Arnold <mat@FreeBSD.org> 2018-11-22 09:54:19 +0000
committer: Mathieu Arnold <mat@FreeBSD.org> 2018-11-22 09:54:19 +0000
commit: badd888f52f3e024993822eb824b2ad59c2c2a22 (patch)
tree: b966eb5ffe89947ef4207bf6ca8a9a331ed2f304 /dns
parent: Add VuXML entry for php-imap vulnerability. (diff)
5 files changed, 23 insertions, 45 deletions
diff --git a/dns/bind913/Makefile b/dns/bind913/Makefile
index 25c402beff98..7efa863d314e 100644
--- a/dns/bind913/Makefile
+++ b/dns/bind913/Makefile
@@ -33,7 +33,7 @@ LIB_DEPENDS=	libxml2.so:textproc/libxml2
 
 USES=	compiler:c11 cpe libedit ssl
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.13.3
+ISCVERSION=	9.13.4
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
diff --git a/dns/bind913/distinfo b/dns/bind913/distinfo
index 65ddc30fd985..385a59340b5d 100644
--- a/dns/bind913/distinfo
+++ b/dns/bind913/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1537447591
-SHA256 (bind-9.13.3.tar.gz) = 76674cf2a3e61766aed5c7fd1ee6ed3da133a9e331b35b24f40efdf1bbac5b44
-SIZE (bind-9.13.3.tar.gz) = 7805551
+TIMESTAMP = 1542875991
+SHA256 (bind-9.13.4.tar.gz) = ea02107ae0b22a5b3df76d4c45bd44414f1d17731fffc07813d8e5b4ce05f95b
+SIZE (bind-9.13.4.tar.gz) = 6274124
diff --git a/dns/bind913/files/extrapatch-bind-min-override-ttl b/dns/bind913/files/extrapatch-bind-min-override-ttl
index 4f1286f67591..caa3388fb896 100644
--- a/dns/bind913/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind913/files/extrapatch-bind-min-override-ttl
@@ -1,13 +1,6 @@
---- bin/named/config.c.orig	2018-09-06 00:15:26 UTC
+--- bin/named/config.c.orig	2018-11-19 17:02:41 UTC
 +++ bin/named/config.c
-@@ -174,12 +174,14 @@ options {\n\
- 	max-recursion-queries 75;\n\
- 	max-stale-ttl 604800; /* 1 week */\n\
- 	message-compression yes;\n\
-+	min-cache-ttl 0; /* no minimal, zero is allowed */\n\
- #	min-roots <obsolete>;\n\
- 	minimal-any false;\n\
- 	minimal-responses no-auth-recursive;\n\
+@@ -182,6 +182,7 @@ options {\n\
  	notify-source *;\n\
  	notify-source-v6 *;\n\
  	nsec3-test-zone no;\n\
@@ -15,9 +8,9 @@
  	provide-ixfr true;\n\
  	qname-minimization relaxed;\n\
  	query-source address *;\n\
---- bin/named/server.c.orig	2018-09-06 00:15:26 UTC
+--- bin/named/server.c.orig	2018-11-19 17:02:41 UTC
 +++ bin/named/server.c
-@@ -4074,6 +4074,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -4116,6 +4116,11 @@ configure_view(dns_view_t *view, dns_vie
  	}
  
  	obj = NULL;
@@ -26,28 +19,22 @@
 +	view->overridecachettl = cfg_obj_asuint32(obj);
 +
 +	obj = NULL;
-+	result = named_config_get(maps, "min-cache-ttl", &obj);
-+	INSIST(result == ISC_R_SUCCESS);
-+	view->mincachettl = cfg_obj_asuint32(obj);
-+
-+	obj = NULL;
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-09-06 00:15:26 UTC
+--- lib/dns/include/dns/view.h.orig	2018-11-19 17:02:41 UTC
 +++ lib/dns/include/dns/view.h
-@@ -153,6 +153,8 @@ struct dns_view {
+@@ -153,6 +153,7 @@ struct dns_view {
  	bool			requestnsid;
  	bool			sendcookie;
  	dns_ttl_t			maxcachettl;
-+	dns_ttl_t			mincachettl;
 +	dns_ttl_t			overridecachettl;
  	dns_ttl_t			maxncachettl;
- 	uint32_t			nta_lifetime;
- 	uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-09-06 00:15:26 UTC
+ 	dns_ttl_t			mincachettl;
+ 	dns_ttl_t			minncachettl;
+--- lib/dns/resolver.c.orig	2018-11-19 17:02:41 UTC
 +++ lib/dns/resolver.c
-@@ -5758,6 +5758,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5967,6 +5967,12 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -57,23 +44,16 @@
 +                        rdataset->ttl = res->view->overridecachettl;
 +
 +		/*
-+		 * Enforce the configure minimum cache TTL.
-+		 */
-+                if (rdataset->ttl < res->view->mincachettl)
-+                        rdataset->ttl = res->view->mincachettl;
-+
-+		/*
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-09-06 00:15:26 UTC
+--- lib/isccfg/namedconf.c.orig	2018-11-19 17:02:41 UTC
 +++ lib/isccfg/namedconf.c
-@@ -1919,6 +1919,8 @@ view_clauses[] = {
+@@ -1921,6 +1921,7 @@ view_clauses[] = {
  	{ "max-acache-size", &cfg_type_sizenodefault,
  	  CFG_CLAUSEFLAG_OBSOLETE },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
 +	{ "override-cache-ttl", &cfg_type_ttlval, 0 },
-+	{ "min-cache-ttl", &cfg_type_ttlval, 0 },
  	{ "max-cache-ttl", &cfg_type_ttlval, 0 },
  	{ "max-clients-per-query", &cfg_type_uint32, 0 },
  	{ "max-ncache-ttl", &cfg_type_ttlval, 0 },
diff --git a/dns/bind913/files/patch-configure b/dns/bind913/files/patch-configure
index 75fb9f5fb730..f585cc25e814 100644
--- a/dns/bind913/files/patch-configure
+++ b/dns/bind913/files/patch-configure
@@ -1,6 +1,6 @@
---- configure.orig	2018-09-06 00:15:26 UTC
+--- configure.orig	2018-11-22 00:20:34 UTC
 +++ configure
-@@ -16468,27 +16468,9 @@ done
+@@ -16386,27 +16386,9 @@ done
  		# problems start to show up.
  		saved_libs="$LIBS"
  		for TRY_LIBS in \
@@ -30,7 +30,7 @@
  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -16531,47 +16513,7 @@ $as_echo "no" >&6; } ;;
+@@ -16449,47 +16431,7 @@ $as_echo "no" >&6; } ;;
  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
  		esac
  
@@ -79,7 +79,7 @@
  		DNS_GSSAPI_LIBS="$LIBS"
  
  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -21337,7 +21279,7 @@ $as_echo "" >&6; }
+@@ -21015,7 +20957,7 @@ $as_echo "" >&6; }
  			# Check other locations for includes.
  			# Order is important (sigh).
  
diff --git a/dns/bind913/pkg-plist b/dns/bind913/pkg-plist
index 7d1cd6af1da3..863c95b0f5b1 100644
--- a/dns/bind913/pkg-plist
+++ b/dns/bind913/pkg-plist
@@ -160,8 +160,7 @@ include/isc/fuzz.h
 include/isc/hash.h
 include/isc/heap.h
 include/isc/hex.h
-include/isc/hmacmd5.h
-include/isc/hmacsha.h
+include/isc/hmac.h
 include/isc/ht.h
 include/isc/httpd.h
 include/isc/interfaceiter.h
@@ -175,7 +174,7 @@ include/isc/likely.h
 include/isc/list.h
 include/isc/log.h
 include/isc/magic.h
-include/isc/md5.h
+include/isc/md.h
 include/isc/mem.h
 include/isc/meminfo.h
 include/isc/msgcat.h
@@ -209,12 +208,11 @@ include/isc/resultclass.h
 include/isc/rwlock.h
 include/isc/safe.h
 include/isc/serial.h
-include/isc/sha1.h
-include/isc/sha2.h
 include/isc/sockaddr.h
 include/isc/socket.h
 include/isc/stat.h
 include/isc/stats.h
+include/isc/stdatomic.h
 include/isc/stdio.h
 include/isc/stdtime.h
 include/isc/strerr.h
author	Mathieu Arnold <mat@FreeBSD.org>	2018-11-22 09:54:19 +0000
committer	Mathieu Arnold <mat@FreeBSD.org>	2018-11-22 09:54:19 +0000
commit	badd888f52f3e024993822eb824b2ad59c2c2a22 (patch)
tree	b966eb5ffe89947ef4207bf6ca8a9a331ed2f304 /dns
parent	Add VuXML entry for php-imap vulnerability. (diff)