From 23283c50e96d7812a42b1272329fa3ba05a5a6e6 Mon Sep 17 00:00:00 2001 From: John Kehayias Date: Wed, 28 Feb 2024 15:22:37 -0500 Subject: gnu: bind: Update to 9.19.21 [security fixes]. The current release fixes CVE-2023-50387 and other security issues. Previous releases fix many other security issues. * gnu/packages/dns.scm (bind): Update to 9.19.21. [source]: Remove 'patches' field. * gnu/packages/patches/bind-re-add-attr-constructor-priority.patch: Remove. * gnu/local.mk (dist_patch_DATA): Remove it. Reported-by: Felix Lechner Change-Id: I2415de88f16d9c952a1adcee5219980a3a19bb59 --- gnu/local.mk | 1 - gnu/packages/dns.scm | 8 +-- .../bind-re-add-attr-constructor-priority.patch | 57 ---------------------- 3 files changed, 4 insertions(+), 62 deletions(-) delete mode 100644 gnu/packages/patches/bind-re-add-attr-constructor-priority.patch diff --git a/gnu/local.mk b/gnu/local.mk index 208d74ef3e..1e3433d96d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -979,7 +979,6 @@ dist_patch_DATA = \ %D%/packages/patches/bazaar-CVE-2017-14176.patch \ %D%/packages/patches/bc-fix-cross-compilation.patch \ %D%/packages/patches/bdb-5.3-atomics-on-gcc-9.patch \ - %D%/packages/patches/bind-re-add-attr-constructor-priority.patch \ %D%/packages/patches/brightnessctl-elogind-support.patch \ %D%/packages/patches/bsd-games-2.17-64bit.patch \ %D%/packages/patches/bsd-games-add-configure-config.patch \ diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index 90a0fdf9de..84d3293c79 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -337,23 +337,23 @@ (define-public isc-bind ;; When updating, check whether isc-dhcp's bundled copy should be as well. ;; The BIND release notes are available here: ;; https://www.isc.org/bind/ - (version "9.16.38") + (version "9.19.21") (source (origin (method url-fetch) (uri (string-append "https://ftp.isc.org/isc/bind9/" version "/bind-" version ".tar.xz")) (sha256 - (base32 "03y52iyc2g63lkk9x2vaizpr0jv27g1z6mcxnjw8m8l4kaflrx4d")) - (patches - (search-patches "bind-re-add-attr-constructor-priority.patch")))) + (base32 "133f1aq8acaz9z03cl0gcrj4pq0hqm6c3sm4hz67d37phndsjs1b")))) (build-system gnu-build-system) (outputs `("out" "utils")) (inputs ;; It would be nice to add GeoIP and gssapi once there are packages. (list libcap + liburcu libuv libxml2 + `(,nghttp2 "lib") openssl p11-kit python diff --git a/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch b/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch deleted file mode 100644 index 33e4f183f6..0000000000 --- a/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 6361de07a35f2e9dc1d7201d6b26ca31da93ee69 Mon Sep 17 00:00:00 2001 -From: Tobias Geerinckx-Rice -Date: Thu, 9 Dec 2021 01:07:32 +0100 -Subject: [PATCH] Revert "Remove priority from attribute - constructor/destructor" - -This reverts commit 0340df46ec5897636dd071bc8b5c4272cfa7d7be. It works -around an irrelevant operating system and breaks compilation on Guix: - -mem.c:873: fatal error: RUNTIME_CHECK(((pthread_mutex_lock(((&contextslock))) == 0) ? 0 : 34) == 0) failed -/gnu/store/…-bash-minimal-5.0.16/bin/bash: line 1: 13768 Aborted ./${fuzzer} - -Let's simply revert it for now---there are securities at stake! ---- - lib/isc/include/isc/util.h | 8 ++++---- - lib/isc/lib.c | 4 ++-- - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h -index f0f7f85fa4..64c26587ac 100644 ---- a/lib/isc/include/isc/util.h -+++ b/lib/isc/include/isc/util.h -@@ -49,11 +49,11 @@ - #endif /* __GNUC__ */ - - #if HAVE_FUNC_ATTRIBUTE_CONSTRUCTOR && HAVE_FUNC_ATTRIBUTE_DESTRUCTOR --#define ISC_CONSTRUCTOR __attribute__((constructor)) --#define ISC_DESTRUCTOR __attribute__((destructor)) -+#define ISC_CONSTRUCTOR(priority) __attribute__((constructor(priority))) -+#define ISC_DESTRUCTOR(priority) __attribute__((destructor(priority))) - #elif WIN32 --#define ISC_CONSTRUCTOR --#define ISC_DESTRUCTOR -+#define ISC_CONSTRUCTOR(priority) -+#define ISC_DESTRUCTOR(priority) - #endif - - /*% -diff --git a/lib/isc/lib.c b/lib/isc/lib.c -index f3576b2659..2a167fec21 100644 ---- a/lib/isc/lib.c -+++ b/lib/isc/lib.c -@@ -35,9 +35,9 @@ isc_lib_register(void) { - } - - void --isc__initialize(void) ISC_CONSTRUCTOR; -+isc__initialize(void) ISC_CONSTRUCTOR(101); - void --isc__shutdown(void) ISC_DESTRUCTOR; -+isc__shutdown(void) ISC_DESTRUCTOR(101); - - void - isc__initialize(void) { --- -2.34.0 - -- cgit v1.2.3