| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Changelog:
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_18_8/CHANGES
(From OE-Core rev: 1d87d2652f7f6640dda85e037c580c83f99a8ba8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE fixed :
-CVE-2022-2795
-CVE-2022-2881
-CVE-2022-2906
-CVE-2022-3080
-CVE-2022-38178
Notes for BIND 9.18.7 [https://downloads.isc.org/isc/bind9/9.18.7/doc/arm/html/notes.html#notes-for-bind-9-18-7]
(From OE-Core rev: 5b87b79c6bb155d23ad4eab3243118b98a3b5906)
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: f7061fc14cbc4388b1fd0cf6233b1a2e743e20e5)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 0a419b730ca87daa4e07daf022a550fb4112b9b0)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Python support was dropped upstream and removed in 8a9a5885995c ("bind:
update 9.16.26 -> 9.18.1"), clean up the remaining pieces of python3 in
the recipe.
(From OE-Core rev: ee4e4eb16a3729dcafad075c42aec1695b8ea15f)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
RDEPENDS:${PN}-dev
There is a pattern that several recipes need to break the dependency of ${PN}-dev
on ${PN}, most often as ${PN} may be be empty. Add a new variable to parameterise
this and allow it to be changed more easily.
(From OE-Core rev: a5b381c0f45c590a762647a9956a8f41e2e2315e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
[func] Don't try to process DNSSEC-related and ZONEMD records
in catz. [GL #3380]
[func] Add some more dnssec-policy checks to detect weird
policies. [GL #1611]
[test] Add new set of unit test macros and move the unit
tests under single namespace in /tests/. [GL !6243]
[func] Key timing options for 'dnssec-settime' and related
utilities now accept "UNSET" times as printed by
'dnssec-settime -p'. [GL #3361]
[bug] When the fetches-per-server quota was adjusted
because of an authoritative server timing out more
or less frequently, it was incorrectly set to 1
rather than the intended value. This has been
fixed. [GL #3327]
[bug] Only write key files if the dnssec-policy keymgr has
changed the metadata. [GL #3302]
[func] Key timing options for 'dnssec-keygen' and
'dnssec-settime' now accept times as printed by
'dnssec-settime -p'. [GL !2947]
(From OE-Core rev: d5a12d549209f01324d03963db96449ee43452eb)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
[security]
Fix a crash in DNS-over-HTTPS (DoH) code caused by
premature TLS stream socket object deletion.
(CVE-2022-1183) [GL #3216]
[bug]
RPZ NSIP and NSDNAME rule processing didn't handle stub
and static-stub zones at or above the query name. This
has now been addressed. [GL #3232]
Fixed a deadlock that could occur if an rndc
connection arrived during the shutdown of network
interfaces. [GL #3272]
Refactor the fctx_done() function to set fctx to
NULL after detaching, so that reference counting
errors will be easier to avoid. [GL #2969]
udp_recv() in dispatch could trigger an INSIST when the
callback's result indicated success but the response
was canceled in the meantime. [GL #3300]
Work around a jemalloc quirk which could trigger an
out-of-memory condition in named over time. [GL #3287]
If there was a pending negative cache DS entry,
validations depending upon it could fail. [GL #3279]
dig returned a 0 exit status on UDP connection failure.
[GL #3235]
Fix an assertion failure when using dig with +nssearch
and +tcp options by starting the next query in the
send_done() callback (like in the UDP mode) instead
of doing that recursively in start_tcp(). Also
ensure that queries interrupted while connecting
are detached properly. [GL #3144]
Don't remove CDS/CDNSKEY DELETE records on zone sign
when using 'auto-dnssec maintain;'. [GL #2931]
[contrib]
Avoid name space collision in dlz modules by prefixing
functions with 'dlz_'. [GL !5778]
dlz: Add FALLTHROUGH and UNREACHABLE macros. [GL #3306]
[func]
Add new named command-line option -C to print built-in
defaults. [GL #1326]
Introduce the concept of broken catalog zones described
in the DNS catalog zones draft version 5 document.
[GL #3224]
Add DNS Extended Errors when stale answers are returned
from cache. [GL #2267]
Implement support for catalog zones change of ownership
(coo) mechanism described in the DNS catalog zones draft
version 5 document. [GL #3223]
Implement support for catalog zones options new syntax
based on catalog zones custom properties with "ext"
suffix described in the DNS catalog zones draft version
5 document. [GL #3222]
Implement reference counting for TLS contexts and
allow reloading of TLS certificates on reconfiguration
without destroying the underlying TCP listener sockets
for TLS-based DNS transports. [GL #3122]
Add support for remote TLS certificates
verification, both to BIND and dig, making it possible
to implement Strict and Mutual TLS authentication,
as described in RFC 9103, Section 9.3. [GL #3163]
[cleanup]
Remove use of exclusive mode in ns_interfacemgr in
favor of rwlocked access to localhost and localnets
members of dns_aclenv_t structure. [GL #3229]
Remove the task exclusive mode use in ns_clientmgr.
[GL #3230]
(From OE-Core rev: d2ae8b85c71be2e9e332b1ef0a2d3083b30c63e6)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 5398263c8e070110a045a5f8999712ba4be628de)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop removed python/libtool options.
isc/platform.h is no longer installed.
Rewrite reproducibility patch to fix the problem at the source.
License-Update: copyright years
(From OE-Core rev: 8a9a5885995c77774cdafeb09f7522c50750a1e9)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
See here:
https://www.isc.org/download/
https://kb.isc.org/docs/aa-00896
(From OE-Core rev: d3756fd781730847f9d9576d70424b0a7b3e1840)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
Log "quota reached" message when hard quota is reached when accepting a connection.
Add ECS support to the DLZ interface.
A failed view configuration during a named reconfiguration procedure could cause
inconsistencies in BIND internal structures, causing a crash or other unexpected errors.
rndc could crash when interrupted by a signal before receiving a response.
Correctly detect and enable UDP recvmmsg support in all versions of libuv that support it.
(From OE-Core rev: c47caa7c8ca77ff137988deaf2d2a8b381f5a3f8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: aa52af4518604b5bf13f3c5e885113bf868d6c81)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
License-Update: copyright years
(From OE-Core rev: 4a7f6cdc7292df5d3154192e65dcb9681ec8ffcb)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
[YOCTO #14610]
(From OE-Core rev: 1b3c11b956085e144140a36e165a9c8fc880402a)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 46f8d4eb30463b0e2ae5d2e045842d19b0ed1eae)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: cf024ecc5d19876ef6bd9a93606fae64426a0e4c)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 96ac0ef5797d58d879c81b040cac77024def5b83)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The -r option has been removed from rndc-confgen since bind 9.13[1].
Fix the bind startup error:
$ /etc/init.d/bind start
Starting domain name service: namedrndc-confgen: The -r option has been deprecated.
chmod: cannot access '/etc/bind/rndc.key': No such file or directory
[1]: https://gitlab.isc.org/isc-projects/bind9/-/commit/3a4f820d625c214cfb21f5e6d18ce9160d2a193b
(From OE-Core rev: a5c5977bef44b7b014af590515ea1f93d7d51f46)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 10b4ba8f7e5ad0eb9e0b927a29a2dea5c1b23c21)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Repo-wide replacement to use newer variable to represent systemd
system unitdir directory.
(From OE-Core rev: 5ace3ada5c54500c71becc8e0c6eddeb8bc053e3)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 58bcdd72ccd21d598008cdbde4a0f27e4d3740cc)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--- 9.16.19 released ---
5671. [bug] A race condition could occur where two threads were
competing for the same set of key file locks, leading to
a deadlock. This has been fixed. [GL #2786]
5670. [bug] create_keydata() created an invalid placeholder keydata
record upon a refresh failure, which prevented the
database of managed keys from subsequently being read
back. This has been fixed. [GL #2686]
5669. [func] KASP support was extended with the "check DS" feature.
Zones with "dnssec-policy" and "parental-agents"
configured now check for DS presence and can perform
automatic KSK rollovers. [GL #1126]
5668. [bug] Rescheduling a setnsec3param() task when a zone failed
to load on startup caused a hang on shutdown. This has
been fixed. [GL #2791]
5667. [bug] The configuration-checking code failed to account for
the inheritance rules of the "dnssec-policy" option.
This has been fixed. [GL #2780]
5666. [doc] The safe "edns-udp-size" value was tweaked to match the
probing value from BIND 9.16 for better compatibility.
[GL #2183]
5665. [bug] If nsupdate sends an SOA request and receives a REFUSED
response, it now fails over to the next available
server. [GL #2758]
5664. [func] For UDP messages larger than the path MTU, named now
sends an empty response with the TC (TrunCated) bit set.
In addition, setting the DF (Don't Fragment) flag on
outgoing UDP sockets was re-enabled. [GL #2790]
5662. [bug] Views with recursion disabled are now configured with a
default cache size of 2 MB unless "max-cache-size" is
explicitly set. This prevents cache RBT hash tables from
being needlessly preallocated for such views. [GL #2777]
5661. [bug] Change 5644 inadvertently introduced a deadlock: when
locking the key file mutex for each zone structure in a
different view, the "in-view" logic was not considered.
This has been fixed. [GL #2783]
5658. [bug] Increasing "max-cache-size" for a running named instance
(using "rndc reconfig") did not cause the hash tables
used by cache databases to be grown accordingly. This
has been fixed. [GL #2770]
5655. [bug] Signed, insecure delegation responses prepared by named
either lacked the necessary NSEC records or contained
duplicate NSEC records when both wildcard expansion and
CNAME chaining were required to prepare the response.
This has been fixed. [GL #2759]
5653. [bug] A bug that caused the NSEC3 salt to be changed on every
restart for zones using KASP has been fixed. [GL #2725]
(From OE-Core rev: 8afda7983aa6476eb5d44962e99992eb479eff1f)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: e3e4f7b9c95b7c89ab1542483f1782ae884d4ebb)
(From OE-Core rev: b3c94e9a50a64f56296500063c0c2baea6de4d16)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: ad19d41cbdb2afa2f58fa18be44343f199ab488e)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: e938c7041a651071a995ceeb475ed4eb8fb8949a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
so the issue doesn't affect us.
(From OE-Core rev: 30106ae676124ba3c0e496a4f19c919c8418b59b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 40624d1d3420783f24253b87465cd5ab7ecb32b4)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Adjust library packaging (see link to commit in the recipe).
(From OE-Core rev: 4711c1f4fc003da594b2a230997012ad5dcc202f)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Added HOMEPAGE and DESCRIPTION for recipes with missing decriptions or homepage
[YOCTO #13471]
(From OE-Core rev: ecf8922e6bb12a2facc59bbe794b575101fce1dc)
Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
rename directory of patches
-License-Update: Copyright year updated to 2021.
(From OE-Core rev: 316f9602c633fdf52009b4567ccf598d1c716acd)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: c678600a55a8dccf461a8d0206ffdbc57313d1c4)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
License-Update: http -> https
(From OE-Core rev: c4e96412f30758e5321537d40d357b2ba6260b37)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
remove some extra whitespaces
(From OE-Core rev: 32ce3716761165b9df12306249418645724122cc)
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 129e1f748685368f45a5022218cd83872e22ab61)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The named service fail to start as below:
# systemctl status named.service
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2020-09-16 06:07:49 UTC; 9s ago
Process: 134206 ExecStartPre=/usr/sbin/generate-rndc-key.sh (code=exited, status=1/FAILURE)
Sep 16 06:07:49 intel-x86-64 systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134206]: Generating /etc/bind/rndc.key:
Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134207]: rndc-confgen: The -r option has been deprecated.
Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134208]: chown: cannot access '/etc/bind/rndc.key': No such file or directory
Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134209]: chmod: cannot access '/etc/bind/rndc.key': No such file or directory
Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE
Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Failed with result 'exit-code'.
Sep 16 06:07:49 intel-x86-64 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
It is because fail to execute "/usr/sbin/generate-rndc-key.sh" as
-r is deprecated since bind 9.13.x and the random function changes
in [1], so remove -r option to fix the above issue.
DNSSEC validation is now active by default after bind upgrade to 9.16.x,
but it is not in 9.11.x. So disable DNSSEC validation explicitly to
silence below message.
Sep 18 03:21:37 intel-x86-64 named[23272]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
[1]: https://gitlab.isc.org/isc-projects/bind9/-/commit/3a4f820d625c214cfb21f5e6d18ce9160d2a193b
(From OE-Core rev: 884cc4196c75b5107082a188cf5f7a4dee4fc5c3)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
We are setting u-a for nslookup and it won't work unless we inherit this
class
(From OE-Core rev: 0cccb2ae6508c0b3d4a5362e61b24ee314c2fb02)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 29949cd7cf3a660fb3bcf251f5127a4cdb2804ec)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed obsolete packageconfig options
License change to MPL-2.0
https://gitlab.isc.org/isc-projects/bind9/blob/master/LICENSE
Refreshed:
bind-ensure-searching-for-json-headers-searches-sysr.patch
0001-named-lwresd-V-and-start-log-hide-build-options.patch
bind-ensure-searching-for-json-headers-searches-sysr.patch
Drop obsolete patch: 0001-configure.in-remove-useless-L-use_openssl-lib.patch
RP: Dropped the multilib scripts handling as those scripts are no longer present
in this version.
(From OE-Core rev: d7cc84de47fad1dfbae68c32bb2165c708bec66b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: isc.org
MR: 105232, 105246, 105260
Type: Security Fix
Disposition: Backport from https://www.isc.org/bind/
ChangeID: 655cfdf1e91c4107321e63a2012302e1cc184366
Description:
Bug fix only update
Three CVE fixes
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
For more information see: https://downloads.isc.org/isc/bind9/9.11.22/RELEASE-NOTES-bind-9.11.22.pdf
(From OE-Core rev: 1c85f26b1bd3475699d54f18c6b5b4924bcd8eb2)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: c6749532f94f435e6771d66d3fa225e676753478)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug fix only updates.
suitable for Stable branch updates where applicable.
Drop CVE patches included in update
LIC_FILES_CHKSUM update copyright year to 2020
Full changes found at : https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/CHANGES
(From OE-Core rev: a6ba66cf5e754cdcd41f01d233fbef7b94a10225)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
fix CVE-2020-8616 and CVE-2020-8617
(From OE-Core rev: d0df831830e4c5f8df2343a45ea75c2ab4f57058)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: cfaaeedcb634b68d0b20a05130fd582df660fef6)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop backports.
Drop 0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch and
0001-lib-dns-gen.c-fix-too-long-error.patch as problem is fixed
upstream.
(From OE-Core rev: 6965ec5c491e71d5951dfb58fc060bd0b717e33d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: ad4318b6501b3d724365bf95015850022441518e)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind.
CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the
other 6 patches are for CVE-2018-5743. And backport one more patch to
fix compile error on arm caused by these 6 commits.
(From OE-Core rev: 3c39d4158677b97253df63f23b74c3a9dd5539f6)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Nothing in the target installation actually needs it.
(From OE-Core rev: 0357b2d2cdcbcef89a346126969ec3e1856bda95)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the PACKAGECONFIG item, python3, is enabled, we get the following
QA issue when multilib is enabled.
ERROR: bind-9.11.5-P4-r0 do_package: QA Issue: bind: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/python3.7
/usr/lib/python3.7/site-packages
/usr/lib/python3.7/site-packages/isc-2.0-py3.7.egg-info
/usr/lib/python3.7/site-packages/isc
/usr/lib/python3.7/site-packages/isc/policy.py
[snip]
The thing is, when --with-python is specified with a path instead of 'yes',
the --with-python-install-dir is in fact ignored.
Fix this issue by specifying the correct arguments.
(From OE-Core rev: 2c36b3e5c7caae07ffe0cfb816d37fad52d69fc9)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
