| Summary: | Bump bind package to 9.5.1-P1 (security) | ||
|---|---|---|---|
| Product: | buildroot | Reporter: | Gustavo Zacarias <gustavo> |
| Component: | Outdated package | Assignee: | unassigned |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | buildroot |
| Priority: | P5 | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Host: | i686-linux | Target: | arm-softfloat-linux-uclibcgnueabi |
| Build: | |||
| Attachments: |
Bump bind package to 9.5.1-P1 and migrate to Makefile.autotools.in
Bump bind package to 9.5.1-P1 and migrate to Makefile.autotools.in |
||
Created attachment 107 [details]
Bump bind package to 9.5.1-P1 and migrate to Makefile.autotools.in
My bad, uninstall wouldn't remove the initscript in the previous version.
Thanks, committed as r25536. I changed it to not install into staging_dir, as nothing seems to need it. Regarding the init scripts: I would prefer to not add extra config options for it, but instead only install the script if it isn't present in the target_skeleton. |
Created attachment 105 [details] Bump bind package to 9.5.1-P1 and migrate to Makefile.autotools.in Current bind package is version 9.3.2 which is from the 9.3 branch and is EOLed. It has many security bugs probably fixed in 9.3.6-P1 but since it won't be supported for long it's probably metter to move on to a supported branch. CVE-2009-0025, CVE-2008-1447, CVE-2008-0122, CVE-2007-2926 and probably more. While at it migrate to Makefile.autotools.in too. Also introduced an option for/not to install userland tools (dig, host, nslookup, nsupdate). Some initscripts (like the one used by bind) aren't too nice or people may want to use their own initscripts, is it worth considering introducing an option in buildroot so that packages don't install their initscripts?