webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
46269ee5fb7942efe88b58f6d29f442b437e2565
bpfire/lfs/bind
Matthias Fischer c7e79ba602 bind: Update to 9.11.19 
For details see:
https://downloads.isc.org/isc/bind9/9.11.19/RELEASE-NOTES-bind-9.11.19.html

"Security Fixes

    To prevent exhaustion of server resources by a maliciously
    configured domain, the number of recursive queries that can be
    triggered by a request before aborting recursion has been further
    limited. Root and top-level domain servers are no longer exempt from
    the max-recursion-queries limit. Fetches for missing name server
    address records are limited to 4 for any domain. This issue was
    disclosed in CVE-2020-8616. [GL #1388]

    Replaying a TSIG BADTIME response as a request could trigger
    an assertion failure. This was disclosed in CVE-2020-8617. [GL
    #1703]

Feature Changes

    Message IDs in inbound AXFR transfers are now checked for
    consistency. Log messages are emitted for streams with inconsistent
    message IDs. [GL #1674]

Bug Fixes

    When running on a system with support for Linux capabilities, named
    drops root privileges very soon after system startup. This was
    causing a spurious log message, "unable to set effective uid to 0:
    Operation not permitted", which has now been silenced. [GL #1042]
    [GL #1090]

    When named-checkconf -z was run, it would sometimes incorrectly set
    its exit code. It reflected the status of the last view found;
    if zone-loading errors were found in earlier configured views but
    not in the last one, the exit code indicated success. Thanks
    to Graham Clinch. [GL #1807]

    When built without LMDB support, named failed to restart after
    a zone with a double quote (") in its name was added with rndc
    addzone. Thanks to Alberto Fernández. [GL #1695]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2020-05-19 19:45:02 +00:00

97 lines
3.6 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 9.11.19
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
export CPPFLAGS = -DDIG_SIGCHASE
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 41bc2c6509a4c324e16775b462608820
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && STD_CDEFINES="$(CPPFLAGS)" \
./configure \
--prefix=/usr \
--enable-threads \
--with-libtool \
--without-python \
--disable-static
cd $(DIR_APP) && make -C lib/isc install
cd $(DIR_APP) && make -C lib/dns install
cd $(DIR_APP) && make -C lib/isccc install
cd $(DIR_APP) && make -C lib/isccfg install
cd $(DIR_APP) && make -C lib/bind9 install
cd $(DIR_APP) && make -C lib/lwres install
cd $(DIR_APP) && make -C bin/dig install
cd $(DIR_APP) && make -C bin/nsupdate install
install -v -m 644 $(DIR_SRC)/config/bind/trusted-key.key \
/etc/trusted-key.key
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink