Fixes of CVE-2023-50387 and CVE-2023-50868 caused ABI change

Enforce updated rebuild is accepted only, conflict with older builds

; Related: CVE-2023-50387 CVE-2023-50868
Related: RHEL-25397 RHEL-25386
This commit is contained in:
Petr Menšík 2024-04-12 18:01:35 +02:00
parent c3e15c4a64
commit 86862fc8d8

View File

@ -51,7 +51,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind
License: MPLv2.0
Version: 9.16.23
Release: 18%{?dist}
Release: 19%{?dist}
Epoch: 32
Url: https://www.isc.org/downloads/bind/
#
@ -165,6 +165,9 @@ Requires: bind-libs%{?_isa} = %{epoch}:%{version}-%{release}
Requires(post): ((policycoreutils-python-utils and libselinux-utils) if (selinux-policy-targeted or selinux-policy-mls))
Requires(post): ((selinux-policy and selinux-policy-base) if (selinux-policy-targeted or selinux-policy-mls))
Recommends: bind-utils bind-dnssec-utils
# Fixes of CVE-2023-50387 and CVE-2023-50868 caused ABI change
# Enforce updated rebuild is accepted only
Conflicts: bind-dyndb-ldap < 11.9-9
BuildRequires: gcc, make
BuildRequires: openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
BuildRequires: libidn2-devel, libxml2-devel
@ -1213,6 +1216,9 @@ fi;
%endif
%changelog
* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-19
- Ensure incompatible bind-dyndb-ldap is not accepted
* Mon Mar 25 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-18
- Prevent crashing at masterformat system test (CVE-2023-6516)