Fixes of CVE-2023-50387 and CVE-2023-50868 caused ABI change

2024-04-12 18:01:35 +02:00 · 2024-04-12 18:01:35 +02:00 · 2990379a18
parent c3e15c4a64
commit 2990379a18
2 changed files with 9 additions and 1 deletions
--- a/.bind.metadata
+++ b/.bind.metadata
@ -0,0 +1,2 @@
+30cbd1f3e9d2d47d653498143334128aac1f8fc0 bind-9.16.23.tar.xz
+d8bd9c9c851f7f3e9419c4ccbda25813a97893a9 bind-9.16.23.tar.xz.asc
--- a/bind.spec
+++ b/bind.spec
@ -51,7 +51,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  MPLv2.0
 Version:  9.16.23
-Release:  18%{?dist}
+Release:  19%{?dist}
 Epoch:    32
 Url:      https://www.isc.org/downloads/bind/
 #
@ -165,6 +165,9 @@ Requires:       bind-libs%{?_isa} = %{epoch}:%{version}-%{release}
 Requires(post): ((policycoreutils-python-utils and libselinux-utils) if (selinux-policy-targeted or selinux-policy-mls))
 Requires(post): ((selinux-policy and selinux-policy-base) if (selinux-policy-targeted or selinux-policy-mls))
 Recommends:     bind-utils bind-dnssec-utils
+# Fixes of CVE-2023-50387 and CVE-2023-50868 caused ABI change
+# Enforce updated rebuild is accepted only
+Conflicts:      bind-dyndb-ldap < 11.9-9
 BuildRequires:  gcc, make
 BuildRequires:  openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
 BuildRequires:  libidn2-devel, libxml2-devel
@ -1213,6 +1216,9 @@ fi;
 %endif

 %changelog
+* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-19
+- Ensure incompatible bind-dyndb-ldap is not accepted
+
 * Mon Mar 25 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-18
 - Prevent crashing at masterformat system test (CVE-2023-6516)