Rebuild with latest bind

use BIND macros when defining DNS names (CVE-2023-50387)
2024-05-24 12:33:51 +03:00 · 2024-04-12 16:35:12 +00:00
2 changed files with 22 additions and 19 deletions
--- a/SOURCES/0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch
+++ b/SOURCES/0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch
@ -1,15 +1,14 @@
-From d2864db744849736243dd92c9cdb8a96cb4c26f1 Mon Sep 17 00:00:00 2001
-From: Petr Menšík <pemensik@redhat.com>
-Date: Thu, 22 Feb 2024 17:44:31 +0100
-Subject: Rebuild required for BIND changes for KeyTrap change
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
+From dbbcc2f07ea6955c6b0b5a719f8058c54b1d750c Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <abokovoy@redhat.com>
+Date: Feb 14 2024 12:31:22 +0000
+Subject: use BIND macros when defining DNS names

-; Related: CVE-2023-50387 CVE-2023-50868
-Related: RHEL-25396 RHEL-25385

-Signed-off-by: Petr Menšík <pemensik@redhat.com>
+Fixes: https://pagure.io/bind-dyndb-ldap/issue/228
+
+Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
+
+---

 diff --git a/src/mldap.c b/src/mldap.c
 index 92a330c..79efddb 100644
@ -34,4 +33,5 @@ index 92a330c..79efddb 100644
 +static dns_name_t uuid_rootname = DNS_NAME_INITABSOLUTE(uuid_rootname_ndata, uuid_rootname_offsets);
 
 struct mldapdb {
-	isc_mem_t	*mctx;
+ 	isc_mem_t	*mctx;
+
--- a/SPECS/bind-dyndb-ldap.spec
+++ b/SPECS/bind-dyndb-ldap.spec
@ -11,7 +11,7 @@

 Name:           bind-dyndb-ldap
 Version:        11.6
-Release:        6%{?dist}
+Release:        5%{?dist}.alma.2
 Summary:        LDAP back-end plug-in for BIND

 Group:          System Environment/Libraries
@ -22,6 +22,7 @@ Source1:        https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.a

 Patch0001:      0001-Modify-empty-zone-conflicts-under-exclusive-mode_rhbz#2133036.patch
 Patch0002:      0002-add-rwlock-before-include-zt-h.patch
+# https://pagure.io/bind-dyndb-ldap/c/dbbcc2f07ea6955c6b0b5a719f8058c54b1d750c
 Patch0003:      0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch

 BuildRequires:  bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version}
@ -44,7 +45,11 @@ off of your LDAP server.


 %prep
-%autosetup -n %{name}-%{VERSION} -p1
+%setup -q -n %{name}-%{VERSION}
+
+for p in %patches; do
+    %__patch -p1 -i $p
+done

 %build
 autoreconf -fiv
@ -111,13 +116,11 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf


 %changelog
-* Thu Apr 03 2025 Rafael Jeffman <rjeffman@redhat.com> - 11.6-6
- Fix rpminspect warnings
-  Resolves: RHEL-22497
+* Fri May 24 2024 Eduard Abdullin <eabdullin@almalinux.org> 11.6-5.alma.2
+- Rebuild with latest bind

-* Tue Apr 02 2024 Rafael Jeffman <rjeffman@redhat.com> - 11.6-5
- Rebuild due to Bind ABI changes.
-  Resolves: RHEL-28842
+* Fri Apr 12 2024 Andrew Lukoshko <alukoshko@almalinux.org> 11.6-5.alma.1
+- use BIND macros when defining DNS names (CVE-2023-50387)

 * Thu Oct 13 2022 Rafael Jeffman <rjeffman@redhat.com> - 11.6-4
 - Modify empty zone conflicts under exclusive mode
Author	SHA1	Message	Date
eabdullin	fb7d705bcd	Rebuild with latest bind	2024-05-24 12:33:51 +03:00
Andrew Lukoshko	4e24428cc3	use BIND macros when defining DNS names (CVE-2023-50387)	2024-04-12 16:35:12 +00:00