diff options
| author | Doug Barton <dougb@FreeBSD.org> | 2010-12-04 07:57:16 +0800 |
|---|---|---|
| committer | Doug Barton <dougb@FreeBSD.org> | 2010-12-04 07:57:16 +0800 |
| commit | ee030af2cc2b3c28788ff83c7d26fdf909144e22 (patch) | |
| tree | 327bf839cd36ee9b3018aaa1d5f964bf3be9ccdb /dns | |
| parent | 73ce7e99bbe7bd5b0138b092f3281febcee0a496 (diff) | |
| download | freebsd-ports-gnome-ee030af2cc2b3c28788ff83c7d26fdf909144e22.tar.gz freebsd-ports-gnome-ee030af2cc2b3c28788ff83c7d26fdf909144e22.tar.zst freebsd-ports-gnome-ee030af2cc2b3c28788ff83c7d26fdf909144e22.zip | |
Update to version 9.4-ESV-R4, the latest from ISC, which addresses
the following security vulnerability.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
Key algorithm rollover
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
Affects resolver operators who are validating with DNSSEC,
and querying zones which are in a key rollover period.
The bug will cause answers to incorrectly be marked as insecure.
For the port:
1. Add CONFLICT for the ../bind-tools port
2. Remove CONFLICT for the removed ../bind9 port
3. Remove OPTION for threads on < RELENG_7
4. Remove MD5 from distinfo
5. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in [1]
PR: ports/151635 [1]
Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
Diffstat (limited to 'dns')
| -rw-r--r-- | dns/bind94/Makefile | 24 | ||||
| -rw-r--r-- | dns/bind94/distinfo | 11 |
2 files changed, 11 insertions, 24 deletions
diff --git a/dns/bind94/Makefile b/dns/bind94/Makefile index e2b108a90100..264654d023de 100644 --- a/dns/bind94/Makefile +++ b/dns/bind94/Makefile @@ -12,7 +12,7 @@ # release you can generally build it cleanly from the source - Doug PORTNAME= bind94 -PORTVERSION= 9.4.4.ESV.3 +PORTVERSION= 9.4.4.ESV.4 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ http://dougbarton.us/Downloads/%SUBDIR%/ @@ -22,10 +22,10 @@ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= dougb@FreeBSD.org -COMMENT= The BIND DNS suite version 9.4-ESV-R1 with updated DNSSEC and threads +COMMENT= The BIND DNS suite with updated DNSSEC and threads # ISC releases things like 9.4.0b3, which our versioning doesn't like -ISCVERSION= 9.4-ESV-R3 +ISCVERSION= 9.4-ESV-R4 MAKE_JOBS_UNSAFE= yes @@ -33,7 +33,7 @@ GNU_CONFIGURE= yes CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \ --with-randomdev=/dev/random -CONFLICTS= bind9*-9.[3567].* bind9-sdb-* host-* +CONFLICTS= bind9*-9.[567].* bind9-sdb-* host-* bind-tools-9.* OPTIONS= SSL "Building without OpenSSL removes DNSSEC" on \ LINKS "Create conf file symlinks in ${PREFIX}" on \ @@ -41,6 +41,7 @@ OPTIONS= SSL "Building without OpenSSL removes DNSSEC" on \ LARGE_FILE "64-bit file support" off \ SIGCHASE "dig/host/nslookup will do DNSSEC validation" off \ IPV6 "IPv6 Support (autodetected by default)" off \ + THREADS "Compile with thread support" on \ DLZ_POSTGRESQL "DLZ Postgres driver" off \ DLZ_MYSQL "DLZ MySQL driver (single-threaded BIND)" off \ DLZ_BDB "DLZ BDB driver" off \ @@ -53,13 +54,6 @@ USE_OPENSSL= yes .include <bsd.port.pre.mk> -# We are ok by default from 7.0-RELEASE on -.if ${OSVERSION} >= 700055 -OPTIONS+= THREADS "Compile with thread support" on -.else -OPTIONS+= THREADS "Compile w/threads (Not Recommended <FreeBSD-7)" off -.endif - .if !defined(WITHOUT_SSL) CONFIGURE_ARGS+= --with-openssl=${OPENSSLBASE} .else @@ -211,6 +205,7 @@ post-patch: ${WRKSRC}/bin/${FILE}.Dist > ${WRKSRC}/bin/${FILE} .endfor +PKGINSTALL= ${.CURDIR}/../bind97/pkg-install post-install: ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \ ${BIND_DESTETC}/rndc.conf.sample @@ -223,12 +218,7 @@ post-install: ${WRKSRC}/README ${DOCSDIR}/ .endif .if !defined(WITHOUT_LINKS) && !defined(WITH_REPLACE_BASE) - ${MKDIR} /var/named${PREFIX}/etc -.for DIR in ${PREFIX}/etc /var/named${PREFIX}/etc -.for FILE in named.conf rndc.key - ${LN} -sf /etc/namedb/${FILE} ${DIR}/${FILE} -.endfor -.endfor + PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL .endif @${CAT} ${PKGMESSAGE} diff --git a/dns/bind94/distinfo b/dns/bind94/distinfo index f8693f1eed63..d26053463ae3 100644 --- a/dns/bind94/distinfo +++ b/dns/bind94/distinfo @@ -1,9 +1,6 @@ -MD5 (bind-9.4-ESV-R3.tar.gz) = 2fb4d50c5872114e556aac478fc69b49 -SHA256 (bind-9.4-ESV-R3.tar.gz) = 824f81b361faa4252e62662f7c83f81eb0027cc34cea15f8ff5b6feff3103812 -SIZE (bind-9.4-ESV-R3.tar.gz) = 6707499 -MD5 (bind-9.4-ESV-R3.tar.gz.asc) = aa4ec1bf3679b9540034231feace183a -SHA256 (bind-9.4-ESV-R3.tar.gz.asc) = 7a2da50360f3e40f4307065af9db8161af8a10823630cfc970cc1b755a971458 -SIZE (bind-9.4-ESV-R3.tar.gz.asc) = 480 -MD5 (bind-9.4.1-geodns-patch.tar.gz) = d3d515bdef525f9a31787b36a105e690 +SHA256 (bind-9.4-ESV-R4.tar.gz) = 2b25d013b34dfed5b70dff5d75825a4338eaa724f68a554afdad4adcd5be10d5 +SIZE (bind-9.4-ESV-R4.tar.gz) = 6753355 +SHA256 (bind-9.4-ESV-R4.tar.gz.asc) = 80b6bc6c204393ce0d2cc763a54cd396667ce1355013f97f2b5f92cc3120fc8f +SIZE (bind-9.4-ESV-R4.tar.gz.asc) = 481 SHA256 (bind-9.4.1-geodns-patch.tar.gz) = 352413037e4779519c0a5b70aef801c8f84bcf15d1d485b16096d75f83644a65 SIZE (bind-9.4.1-geodns-patch.tar.gz) = 2057 |