diff options
Diffstat (limited to 'main/bind/APKBUILD')
-rw-r--r-- | main/bind/APKBUILD | 103 |
1 files changed, 53 insertions, 50 deletions
diff --git a/main/bind/APKBUILD b/main/bind/APKBUILD index 81ba8feb970..0453b03dbfa 100644 --- a/main/bind/APKBUILD +++ b/main/bind/APKBUILD @@ -3,18 +3,21 @@ # Contributor: Carlo Landmeter <clandmeter@alpinelinux.org> # Contributor: Natanael Copa <ncopa@alpinelinux.org> # Contributor: ungleich <alpinelinux@ungleich.ch> -# Maintainer: +# Maintainer: Mike Crute <mike@crute.us> pkgname=bind -pkgver=9.16.28 +pkgver=9.18.25 _ver=${pkgver%_p*} _p=${pkgver#*_p} _major=${pkgver%%.*} [ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p" -pkgrel=0 +pkgrel=1 pkgdesc="The ISC DNS server" url="https://www.isc.org/" arch="all" license="MPL-2.0" +# check: requires bind server +# fhs: creates /var/run; TODO: fix? +options="!check !fhs" pkgusers="named" pkggroups="named" depends="dns-root-hints bind-tools" @@ -22,23 +25,20 @@ depends_dev="$pkgname $pkgname-plugins $pkgname-tools" _depends_plugins="$pkgname" _root_keys_upstream="dnssec-root" _depends_root_keys="$_root_keys_upstream" -_py3deps="py3-ply python3" makedepends=" bash - bsd-compat-headers fstrm-dev - json-c-dev krb5-dev libcap-dev libuv-dev libxml2-dev + json-c-dev linux-headers + nghttp2-dev openldap-dev - openssl1.1-compat-dev + openssl-dev>3 perl protobuf-c-dev - $_py3deps - python3-dev $_depends_root_keys " install="$pkgname.pre-install $pkgname.post-install" @@ -49,15 +49,12 @@ subpackages=" $pkgname-libs $pkgname-openrc $pkgname-${_root_keys_upstream}:root_keys:noarch - py3-$pkgname:_py3 $pkgname-dnssec-tools:_dnssec_tools $pkgname-plugins $pkgname-tools " source=" https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz - bind.plugindir.patch - bind.so_bsdcompat.patch named.initd named.confd named.conf.authoritative @@ -67,6 +64,28 @@ source=" " # secfixes: +# 9.18.24-r0: +# - CVE-2023-4408 +# - CVE-2023-5517 +# - CVE-2023-5679 +# - CVE-2023-5680 +# - CVE-2023-6516 +# - CVE-2023-50387 +# - CVE-2023-50868 +# 9.18.19-r0: +# - CVE-2023-3341 +# - CVE-2023-4236 +# 9.18.11-r0: +# - CVE-2022-3094 +# - CVE-2022-3736 +# - CVE-2022-3924 +# 9.18.7-r0: +# - CVE-2022-2795 +# - CVE-2022-2881 +# - CVE-2022-2906 +# - CVE-2022-3080 +# - CVE-2022-38177 +# - CVE-2022-38178 # 9.16.27-r0: # - CVE-2022-0396 # - CVE-2021-25220 @@ -135,7 +154,6 @@ prepare() { -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ "$i" done - update_config_sub } build() { @@ -150,28 +168,20 @@ build() { --localstatedir=/var \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ - --with-dlopen=yes \ - --with-dlz-filesystem=yes \ - --with-dlz-ldap=yes \ - --with-dlz-stub=yes \ - --with-gssapi=/usr \ - --with-libjson \ - --with-libtool \ + --with-gssapi=yes \ --with-libxml2 \ - --with-openssl=/usr \ - --with-python=python3 \ + --with-json-c \ + --with-openssl=yes \ --enable-dnstap \ --enable-largefile \ --enable-linux-caps \ --enable-shared \ - --enable-static \ - --disable-isc-spnego \ - --disable-backtrace + --disable-static make } check() { - ./bin/named/named -V + make test } package() { @@ -203,24 +213,15 @@ package() { ln -s named.ca root.cache } -_py3() { - pkgdesc="A module allowing rndc commands to be sent from Python programs" - depends="$_py3deps" - mkdir -p "$subpkgdir"/usr/lib - mv "$pkgdir"/usr/lib/python3* "$subpkgdir"/usr/lib/ -} - _dnssec_tools() { pkgdesc="Utilities for DNSSEC keys and DNS zone files management" - depends="py3-$pkgname=$pkgver-r$pkgrel" - mkdir -p "$subpkgdir"/usr/sbin + mkdir -p "$subpkgdir"/usr/bin mv \ - "$pkgdir"/usr/sbin/nsec3hash \ - "$pkgdir"/usr/sbin/dnssec* \ - "$subpkgdir"/usr/sbin/ + "$pkgdir"/usr/bin/nsec3hash \ + "$pkgdir"/usr/bin/dnssec* \ + "$subpkgdir"/usr/bin/ } - plugins() { pkgdesc="The ISC DNS server plugins" depends="$_depends_plugins" @@ -231,16 +232,20 @@ plugins() { tools() { pkgdesc="The ISC DNS tools" - depends="$depends_tools" + depends="" - mkdir -p "$subpkgdir"/usr - mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ + mkdir -p "$subpkgdir"/usr/bin + for i in "$pkgdir"/usr/bin/*; do + case "${i##*/}" in + named-checkconf) ;; + *) mv "$i" "$subpkgdir"/usr/bin ;; + esac + done mkdir -p "$subpkgdir"/usr/sbin for i in "$pkgdir"/usr/sbin/*; do - file "$i" | grep 'Python script' >/dev/null 2>&1 && continue || : case "${i##*/}" in - named|named-checkconf|rndc) ;; + named|rndc) ;; *) mv "$i" "$subpkgdir"/usr/sbin ;; esac done @@ -248,7 +253,7 @@ tools() { root_keys() { pkgdesc="ISC BIND DNSSEC Root Keys" - depends="$depends_root_keys" + depends="" local _dir _file _link _dir="usr/share/$_root_keys_upstream" @@ -270,7 +275,7 @@ libs() { pkgdesc="$pkgdesc (libraries)" local dir= file= for dir in lib usr/lib; do - for file in "$pkgdir"/$dir/lib*.so; do + for file in "$pkgdir"/"$dir"/lib*.so; do [ -f "$file" ] || continue mkdir -p "$subpkgdir"/$dir mv "$file" "$subpkgdir"/$dir/ @@ -285,10 +290,8 @@ _gpgfingerprints=" " sha512sums=" -7314c039b6d61b90e7f7c6d4465a26b214de67272116e334b8a3e2551b1d66c028819024ec819676c1cc66e6bf81f17890239bb48e4c40f9d6cea35f025976d3 bind-9.16.28.tar.xz -2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6 bind.plugindir.patch -7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6 bind.so_bsdcompat.patch -53db80f7ee4902f42fb1d0bc959242bcb6f20d95256bda99ce2c206af8b4703c7f72bb26d026c633f70451b84a37c3946b210951e34dd5d6620b181cd0183de4 named.initd +af2b751b72121a6e98d762110bff183984ab5312d0e080b4ff091f3176437d8be570a8d849034ae4df5eee4e8795f32196d94859262e44f2ce55d8b3d895ba6e bind-9.18.25.tar.xz +3d1d3e954aaee5e125f6b6f3cb660b51fc91d803df4cad43c47dbe97f19789cef20b5ca2834624668f0d761a5b81ac72db8959745d6eb293ca1154a1b390a007 named.initd 127bdcc0b5079961f0951344bc3fad547450c81aee2149eac8c41a8c0c973ea0ffe3f956684c6fcb735a29c43d2ff48c153b6a71a0f15757819a72c492488ddf named.confd d2f61d02d7829af51faf14fbe2bafe8bc90087e6b6697c6275a269ebbddcaa14a234fff5c41da793e945e8ff1de3de0858a40334e0d24289eab98df4bb721ac5 named.conf.authoritative 3aba9763cfaf0880a89fd01202f41406b465547296ce91373eb999ea7719040bc1ac4e47b0de025a8060f693d3d88774a20d09a43fa7ac6aa43989b58b5ee8fe named.conf.recursive |