1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-02 10:31:36 +00:00
Commit graph

56 commits

Author SHA1 Message Date
Robin Gloster b447f624c3
bind: 9.10.4-P6 -> 9.10.5 2017-05-20 14:24:57 +02:00
Franz Pletz eb79649414
bind: disable seccomp by default
Fixes #25645 & #23431.
2017-05-09 18:19:38 +02:00
Nikolay Amiantov f1e7a60b16
dnsutils: +sigchase support for dig
Fixes #10728, closes #22989.
The dnsutils output got ~60kiB bigger, and I see no extra runtime deps.
2017-02-19 12:13:05 +01:00
Franz Pletz da5eaa3c21
bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
See https://kb.isc.org/article/AA-01453.

cc #22549
2017-02-09 10:44:16 +01:00
Peter Simons 2fd0a9f3c7 bind: update to 9.10.4-P5 (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778) 2017-01-12 10:00:22 +01:00
Franz Pletz e6708cea37
bind: fix collision of binaries in outputs
Using outputsToInstall the intended behaviour of including host and dnsutils
when bind is installed can be implemented instead of using symlinks to fix
installing all outputs individually with nix-env.

Fixes #19761.
2017-01-07 02:44:54 +01:00
Vladimír Čunát f0b9ecfa01
bind: fixup more openssl.dev references 2016-12-08 19:10:19 +01:00
Peter Simons 0b180d1ca4 bind: update to 9.10.4-P4 to fix CVE-2016-8864 2016-11-01 22:16:26 +01:00
Tuomas Tynkkynen b4d8f8b8e2 bind: Disable seccomp on non-x86
The list of permitted syscalls in the seccomp sandbox is only defined
for x86. It fails to build otherwise:

````
In file included from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/magic.h:23:0,
                 from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/app.h:89,
                 from ./main.c:26:
./main.c: In function 'setup_seccomp':
./main.c:848:17: error: 'scmp_syscalls' undeclared (first use in this function)
  INSIST((sizeof(scmp_syscalls) / sizeof(int)) ==
````
2016-10-16 23:37:48 +03:00
Franz Pletz fa405aa264 bind: split out dnsutils & host binaries (#18903)
These tools are commonly used but don't require the other bind binaries.
Bind's libs are used, so they've also been split into an extra output.

The old version of host isn't maintained anymore and was removed From Debian
back in 2009: https://packages.qa.debian.org/h/host.html
2016-10-08 16:01:15 +02:00
Franz Pletz 96b1d15e0c
bind: enable seccomp on linux 2016-09-28 10:50:25 +02:00
Peter Simons 8aaf610d4d bind: cosmetic fix for Emacs' syntax highlighting 2016-09-27 19:30:21 +02:00
Peter Simons 7a5ff282aa bind: update to version 9.10.4-P3 to fix CVE-2016-2776 2016-09-27 19:29:51 +02:00
Tim Steinbach dbbff67754 bind: 9.10.4 -> 9.10.4-P2 (#18880) 2016-09-24 01:55:00 +02:00
Tuomas Tynkkynen 048a30e4e4 treewide: Fix dev references to libxml2 2016-08-30 03:02:32 +03:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Vladimír Čunát c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Tuomas Tynkkynen 2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen ff24ce23c9 bind: Fix references to openssl in *.la files
Avoids reference to the OpenSSL development headers.
2016-05-18 23:05:51 +03:00
Peter Simons 8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Tuomas Tynkkynen 0561e14c3b bind: Split into multiple outputs
A patch is needed to make bind not print its configure flags on
'named -V'.
2016-05-14 22:12:59 +03:00
Tuomas Tynkkynen e460267737 bind: Attempt to fix Darwin OpenSSL linking
Issue #15279 reports:

````
Checking for OpenSSL library... using OpenSSL from /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/lib and /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/include
checking whether linking with OpenSSL works... no
configure: error: Could not run test program using OpenSSL from
/nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/lib and /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/include.
Please check the argument to --with-openssl and your
shared library configuration (e.g., LD_LIBRARY_PATH).
builder for ‘/nix/store/54nni99j4ycwws6zfjwcvv8vxsdk895i-bind-9.10.4.drv’ failed with exit code 1
````
2016-05-13 23:31:30 +03:00
Alexander Ried 5be72c23ea bind: LibreSSL compatibility added upstream 2016-05-03 04:58:01 +02:00
Alexander Ried 19ce448380 bind: 9.10.3-P4 -> 9.10.4 2016-05-03 04:58:01 +02:00
Franz Pletz 404a699a20 bind: 9.10.3 -> 9.10.3-P4 (security)
Fixes:

  * CVE-2016-1285: https://kb.isc.org/article/AA-01352/
  * CVE-2016-1286: https://kb.isc.org/article/AA-01353/
2016-03-21 03:53:21 +01:00
Franz Pletz 0e07172c6d bind: Fix patching Makefile.in
There is no postPatchPhase.
2015-12-25 21:39:56 -05:00
Robin Gloster bdfc4efd67 bind: add patch to build with libressl 2.3 2015-12-23 22:08:33 +00:00
William A. Kennington III ecd90e61cc bind: 9.10.2-P4 -> 9.10.3 2015-09-17 14:12:38 -07:00
William A. Kennington III 21370fb150 bind: 9.10.2-P3 -> 9.10.2-P4 2015-09-02 21:49:43 -07:00
William A. Kennington III 3932ba7a54 bind: 9.10.2-P2 -> 9.10.2-P3 2015-07-29 10:36:45 -07:00
Pascal Wittmann 007e288912 bind: update from 9.10.2 to 9.10.2-P2, fixes CVE-2015-4620 2015-07-10 18:20:29 +02:00
Eelco Dolstra ab8b68cd99 Revert "bind: Modify build"
This reverts commit 0a06b99d69.
2015-06-04 14:54:51 +02:00
Eelco Dolstra 676fbc2578 Revert "bind: Enable parallel building"
This reverts commit e74b5704a8.
2015-06-04 14:54:51 +02:00
Eelco Dolstra 4fdf489073 Revert "dnsutils: Add smaller derivation of bind"
This reverts commit bb6ac771c4.
2015-06-04 14:54:51 +02:00
Eelco Dolstra 0a4de71cb0 Revert "bind: Add propagatedBuildInputs"
This reverts commit 9f70b1ab31.
2015-06-04 14:54:51 +02:00
William A. Kennington III 9f70b1ab31 bind: Add propagatedBuildInputs 2015-05-24 15:01:21 -07:00
William A. Kennington III bb6ac771c4 dnsutils: Add smaller derivation of bind 2015-05-23 22:26:23 -07:00
William A. Kennington III e74b5704a8 bind: Enable parallel building 2015-05-23 20:07:51 -07:00
William A. Kennington III 0a06b99d69 bind: Modify build 2015-05-23 19:07:13 -07:00
koral f1e615f6df bind: 9.9.5-W1 -> 9.10.2 + added rndc key 2015-03-01 20:02:09 +00:00
Bjørn Forsman c9baba9212 Fix many package descriptions
(My OCD kicked in today...)

Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.

I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.

I've tried to stay away from generated expressions (and I think I
succeeded).

Some specifics worth mentioning:
 * cron, has "Vixie Cron" in its description. The "Vixie" part is not
   mentioned anywhere else. I kept it in a parenthesis at the end of the
   description.

 * ctags description started with "Exuberant Ctags ...", and the
   "exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
   at the end of description.

 * nix has the description "The Nix Deployment System". Since that
   doesn't really say much what it is/does (especially after removing
   the package name!), I changed that to "Powerful package manager that
   makes package management reliable and reproducible" (borrowed from
   nixos.org).

 * Tons of "GNU Foo, Foo is a [the important bits]" descriptions
   is changed to just [the important bits]. If the package name doesn't
   contain GNU I don't think it's needed to say it in the description
   either.
2014-08-24 22:31:37 +02:00
Patrick Mahoney b947cde3a5 bind: Expand to all unix platforms. 2014-08-04 15:09:07 -05:00
Peter Simons b0c2354809 bind: update to version 9.9.5-W1 (fixes CVE-2013-6230 and CVE 2014-0591) 2014-03-03 13:10:05 +01:00
Peter Simons 6603ef3bf8 bind: update to version 9.9.4-P2 2014-01-14 15:55:24 +01:00
Peter Simons 516377c0b6 bind: update to 9.9.3-p2 to fix CVE-2013-4854 2013-07-28 13:50:11 +02:00
Peter Simons 2e618df532 bind: avoid build impurity by explicitly enabling/disabling features
The BIND configure script finds extra dependencies in /usr/include and /usr/lib,
and activates additional features if it does. This may cause the build to fail
on systems that cannot use a chroot environment. Actively disabling those
additional features prevents this issue from occurring.
2013-06-10 15:38:00 +02:00
Peter Simons bfa846cd6e bind: update to 9.9.3-P1 to fix CVE-2013-3919 2013-06-07 13:27:12 +02:00
Peter Simons e655ac24d2 bind: add meta.license attribute 2013-04-01 11:46:14 +02:00
Peter Simons d95c79bad7 bind: update to version 9.9.2-P2 to fix CVE 2010-4051 /2010-4052 2013-04-01 11:46:13 +02:00
Michael Raskin 8eec7bf2f6 Updating BIND to freshest version 9.9.2 2012-10-17 16:27:38 +04:00