rpms/bind-dyndb-ldap
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Import from CS git

Browse Source
This commit is contained in:
eabdullin 2025-04-22 08:08:20 +00:00
parent d4b83b50b5
commit 80206e7b8d
2 changed files with 49 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
SOURCES/0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch Normal file
View File

@ -0,0 +1,37 @@
From d2864db744849736243dd92c9cdb8a96cb4c26f1 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik@redhat.com>
Date: Thu, 22 Feb 2024 17:44:31 +0100
Subject: Rebuild required for BIND changes for KeyTrap change
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
; Related: CVE-2023-50387 CVE-2023-50868
Related: RHEL-25396 RHEL-25385
Signed-off-by: Petr Menšík <pemensik@redhat.com>
diff --git a/src/mldap.c b/src/mldap.c
index 92a330c..79efddb 100644
--- a/src/mldap.c
+++ b/src/mldap.c
@@ -50,18 +50,7 @@
static unsigned char uuid_rootname_ndata[]
= { 4, 'u', 'u', 'i', 'd', 4, 'l', 'd', 'a', 'p', 0 };
static unsigned char uuid_rootname_offsets[] = { 0, 5, 10 };
-static dns_name_t uuid_rootname =
-{
- DNS_NAME_MAGIC,
- uuid_rootname_ndata,
- sizeof(uuid_rootname_ndata),
- sizeof(uuid_rootname_offsets),
- DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
- uuid_rootname_offsets,
- NULL,
- { (void *)-1, (void *)-1 },
- { NULL, NULL }
-};
+static dns_name_t uuid_rootname = DNS_NAME_INITABSOLUTE(uuid_rootname_ndata, uuid_rootname_offsets);
struct mldapdb {
isc_mem_t *mctx;

19
SPECS/bind-dyndb-ldap.spec
View File

@ -1,6 +1,6 @@
%define VERSION %{version} %define VERSION %{version}
%define bind_version 32:9.11.26-1 %define bind_version 32:9.11.36-14
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9 %if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
%global openssl_pkcs11_version 0.4.10-2 %global openssl_pkcs11_version 0.4.10-2
@ -11,7 +11,7 @@
Name: bind-dyndb-ldap Name: bind-dyndb-ldap
Version: 11.6 Version: 11.6
Release: 4%{?dist} Release: 6%{?dist}
Summary: LDAP back-end plug-in for BIND Summary: LDAP back-end plug-in for BIND
Group: System Environment/Libraries Group: System Environment/Libraries
@ -22,6 +22,7 @@ Source1: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.a
Patch0001: 0001-Modify-empty-zone-conflicts-under-exclusive-mode_rhbz#2133036.patch Patch0001: 0001-Modify-empty-zone-conflicts-under-exclusive-mode_rhbz#2133036.patch
Patch0002: 0002-add-rwlock-before-include-zt-h.patch Patch0002: 0002-add-rwlock-before-include-zt-h.patch
Patch0003: 0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch
BuildRequires: bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version} BuildRequires: bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version}
BuildRequires: krb5-devel BuildRequires: krb5-devel
@ -43,11 +44,7 @@ off of your LDAP server.
%prep %prep
%setup -q -n %{name}-%{VERSION} %autosetup -n %{name}-%{VERSION} -p1
for p in %patches; do
%__patch -p1 -i $p
done
%build %build
autoreconf -fiv autoreconf -fiv
@ -114,6 +111,14 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
%changelog %changelog
* Thu Apr 03 2025 Rafael Jeffman <rjeffman@redhat.com> - 11.6-6
- Fix rpminspect warnings
Resolves: RHEL-22497
* Tue Apr 02 2024 Rafael Jeffman <rjeffman@redhat.com> - 11.6-5
- Rebuild due to Bind ABI changes.
Resolves: RHEL-28842
* Thu Oct 13 2022 Rafael Jeffman <rjeffman@redhat.com> - 11.6-4 * Thu Oct 13 2022 Rafael Jeffman <rjeffman@redhat.com> - 11.6-4
- Modify empty zone conflicts under exclusive mode - Modify empty zone conflicts under exclusive mode
Resolves: rhbz#2126877 Resolves: rhbz#2126877