Update to 9.11.4-P1

- Fixes CVE-2018-5740 - Adds root key sentinel mechanism support - incremental zone transfer limit to prevent journal corruption - rndc reload memory leak
2018-08-09 12:06:29 +02:00 · 2018-08-09 12:06:29 +02:00 · 35334375ff
parent 899014a8d1
commit 35334375ff
3 changed files with 9 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -84,3 +84,4 @@ bind-9.7.2b1.tar.gz
 /config-18.tar.bz2
 /bind-9.11.4rc1.tar.gz
 /bind-9.11.4.tar.gz
+/bind-9.11.4-P1.tar.gz
--- a/bind.spec
+++ b/bind.spec
@ -2,7 +2,7 @@
 # Red Hat BIND package .spec file
 #

-#%%global PATCHVER P1
+%global PATCHVER P1
 #%%global PREVER rc1
 %global BINDVERSION %{version}%{?PREVER}%{?PATCHVER:-%{PATCHVER}}

@ -52,7 +52,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  MPLv2.0
 Version:  9.11.4
-Release:  4%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
+Release:  5%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 #
@ -1409,6 +1409,11 @@ rm -rf ${RPM_BUILD_ROOT}


 %changelog
+* Thu Aug 09 2018 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-5.P1
+- Update to 9.11.4-P1
+- Adds root key sentinel support
+- Large IXFR zone transfers are rejected to prevent journal corruption
+
 * Thu Aug 02 2018 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-4
 - Support unavailable MD5 in FIPS mode

--- a/2
+++ b/2
@ -1,2 +1,2 @@
-SHA512 (bind-9.11.4.tar.gz) = e27b7730ddb2ff7ccece9b47bc79fdc91f87c74fff47c549dec1383bc663aa68796596aef0c42682f8a7c32469acf69e1946087a29b91997676fa78bd8364980
+SHA512 (bind-9.11.4-P1.tar.gz) = 7d7f3f6b557a49d1a808c0ad7d1f42f99f2e1e510c834078bd1fa88697cbc447634a461e8de1260a9668967f51797de8b40761dddfc6fc24055b2d5b494eec0d
 SHA512 (config-18.tar.bz2) = c0a0a1fd58a7e2c09fe69915b9a4c682d1b6c96e78583f63ce5355f663c9509d28facfd3aa078b228b69954d0af4bfa484ef661a9568aaafe6eade97dda3c3d9