diff options
| author | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-04-25 04:35:50 +0200 |
|---|---|---|
| committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-04-25 04:42:17 +0200 |
| commit | 0406434baaf180af51c02c2cee02d972356047b3 (patch) | |
| tree | 3cdd8f40a630b88ddf06aa417215e9ef394c5b2c /gnu/packages/patches | |
| parent | 9b19734c50a2f377e474e37cde15291b3fdf524a (diff) | |
| download | guix-0406434baaf180af51c02c2cee02d972356047b3.tar.gz | |
gnu: bind: Update to 9.12.4-P1 [fixes CVE-2018-5743, CVE-2019-6467].
* gnu/packages/dns.scm (isc-bind): Update to 9.12.4-P1. [source]: Add patch. [inputs]: Add python and python-ply. * packages/patches/bind-fix-unused-pk11-ecc-constants.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
Diffstat (limited to 'gnu/packages/patches')
| -rw-r--r-- | gnu/packages/patches/bind-fix-unused-pk11-ecc-constants.patch | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/gnu/packages/patches/bind-fix-unused-pk11-ecc-constants.patch b/gnu/packages/patches/bind-fix-unused-pk11-ecc-constants.patch new file mode 100644 index 0000000000..ab7cc83684 --- /dev/null +++ b/gnu/packages/patches/bind-fix-unused-pk11-ecc-constants.patch @@ -0,0 +1,43 @@ +From: Tobias Geerinckx-Rice <me@tobias.gr> +Date: Thu, 25 Apr 2019 04:36:52 +0200 +Subject: [PATCH] gnu: bind: Fix unused PKCS#11 ECC constants. + +Without this patch, the build fails: + + pkcs11-keygen.c: In function ‘main’: + pkcs11-keygen.c:424:32: error: ‘pk11_ecc_prime256v1’ undeclared (first use in this function) + public_template[4].pValue = pk11_ecc_prime256v1; + ^ + pkcs11-keygen.c:424:32: note: each undeclared identifier is reported only once for each function it appears in + pkcs11-keygen.c:428:32: error: ‘pk11_ecc_secp384r1’ undeclared (first use in this function) + public_template[4].pValue = pk11_ecc_secp384r1; + ^ + make[2]: *** [Makefile:217: pkcs11-keygen.o] Error 1 + +Fix copied verbatim from upstream[0]. + +[0]: https://gitlab.isc.org/isc-projects/bind9/issues/935 + +--- +--- orig-bind-9.11.6/bin/pkcs11/pkcs11-keygen.c 2019-02-27 15:28:15.000000000 -0800 ++++ bind-9.11.6/bin/pkcs11/pkcs11-keygen.c 2019-03-11 09:20:50.955257469 -0700 +@@ -403,6 +403,10 @@ + public_template[RSA_PUBLIC_EXPONENT].ulValueLen = expsize; + break; + case key_ecc: ++#if !defined(HAVE_PKCS11_ECDSA) ++ fprintf(stderr, "prime256v1 and secp3841r1 is not supported\n"); ++ usage(); ++#else + op_type = OP_EC; + if (bits == 0) + bits = 256; +@@ -429,7 +433,7 @@ + public_template[4].ulValueLen = + sizeof(pk11_ecc_secp384r1); + } +- ++#endif + break; + case key_ecx: + #if !defined(CKM_EDDSA_KEY_PAIR_GEN) |