From patchwork Thu Jun 25 07:09:52 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Stefan_S=C3=B8rensen?= <stefan@astylos.dk>
X-Patchwork-Id: 1316759
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=140.211.166.136; helo=silver.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=none (p=none dis=none) header.from=astylos.dk
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
 secure) header.d=astylos.dk header.i=@astylos.dk header.a=rsa-sha256
 header.s=google header.b=bMIeIFlI;
	dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 49srkb3M9Zz9sSJ
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Thu, 25 Jun 2020 17:10:15 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id 2E8A122EE7;
	Thu, 25 Jun 2020 07:10:10 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id wbMQmIpT-YCM; Thu, 25 Jun 2020 07:10:07 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id CF669220CA;
	Thu, 25 Jun 2020 07:10:06 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by ash.osuosl.org (Postfix) with ESMTP id 1B60E1BF361
 for <buildroot@lists.busybox.net>; Thu, 25 Jun 2020 07:10:05 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by fraxinus.osuosl.org (Postfix) with ESMTP id 187058614A
 for <buildroot@lists.busybox.net>; Thu, 25 Jun 2020 07:10:05 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
 by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id IekQ3w_N7Njs for <buildroot@lists.busybox.net>;
 Thu, 25 Jun 2020 07:10:04 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail-ed1-f65.google.com (mail-ed1-f65.google.com
 [209.85.208.65])
 by fraxinus.osuosl.org (Postfix) with ESMTPS id 2DFD186142
 for <buildroot@buildroot.org>; Thu, 25 Jun 2020 07:10:03 +0000 (UTC)
Received: by mail-ed1-f65.google.com with SMTP id g1so3339614edv.6
 for <buildroot@buildroot.org>; Thu, 25 Jun 2020 00:10:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=astylos.dk; s=google;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=SBLKupTntaLmNx7jbvpBG9Zs7vCDCvbjzdTu5eVtLxw=;
 b=bMIeIFlI1TTKPoTBzpIJTc2CgffcDScDR0Sg5L27wDBRd9Og45dpnGgrEUzy1BJpJ5
 gO33Zf6EwuOzrGx3Am2R5QlFmXE8SCSKXdsRQB8IyHgc36ZHLGC4kuuYeUS6QmHsbZ2x
 iIXXwLYVhI/GeeQ3O9IO5uYr6BI/c+gNO6+s0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=SBLKupTntaLmNx7jbvpBG9Zs7vCDCvbjzdTu5eVtLxw=;
 b=hwBksmHChauWmz/CSLwImAT+SSrMu3DZbD+1+2Uy3vQHCr4lbhMSyczFniLcsvmYg9
 df5f7jEgSGA4b/Ko24ADYpSS8Dse1IeZ5eH2sQDpAVZ++dy5+l+5kG8go6Ydk0N4og0R
 vWz/I9UcniPs1m25Shjqcce2Ax8J5J/IT/N2wjCfXdbLwIsAdTI+6w9tQxmRfjDc+Uhr
 nDZ9yprQd8i8yzFWnTDzsFkA4LTgt2GefpVi8QIRXs5fWD7bbO8gEgIsYAS7ezeeVuap
 Dllws9l1DTKjy9OaRXaeArRP5kAG1o30tA8j4LEPLC6dQfdUhASGryRBD4qkeBu8pNYs
 yjjg==
X-Gm-Message-State: AOAM533+DvBG2v6hswhCUQbh6n/Hlvx4nlFvY+x5oLBO0Z+XrQWLpWML
 /Uewf9mzbQKcGyR+A3ZdexLJ+nwa14A=
X-Google-Smtp-Source: 
 ABdhPJxiPdaY4w2astBH2hqcownmKeBxikvZPt+psaQp+DxwZX8Q6IN6hSlCqYHUqoMbzyAjX66V2g==
X-Received: by 2002:a05:6402:1217:: with SMTP id
 c23mr30308732edw.270.1593069001995;
 Thu, 25 Jun 2020 00:10:01 -0700 (PDT)
Received: from e31094.local ([85.191.46.138])
 by smtp.gmail.com with ESMTPSA id g13sm16951995edy.27.2020.06.25.00.10.00
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 25 Jun 2020 00:10:01 -0700 (PDT)
From: stefan@astylos.dk
X-Google-Original-From: stefan.sorensen@spectralink.com
To: buildroot@buildroot.org
Date: Thu, 25 Jun 2020 09:09:52 +0200
Message-Id: <20200625070952.3005722-1-stefan.sorensen@spectralink.com>
X-Mailer: git-send-email 2.25.4
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] package/bind: security bump to version 9.11.20
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

From: Stefan Sørensen <stefan.sorensen@spectralink.com>

Fixes the following security issue:
 * CVE-2020-8619: It was possible to trigger an INSIST failure when a
   zone with an interior wildcard label was queried in a certain
   pattern.

Release notes:
https://ftp.isc.org/isc/bind9/cur/9.11/RELEASE-NOTES-bind-9.11.20.txt

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
 package/bind/bind.hash | 4 ++--
 package/bind/bind.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/bind/bind.hash b/package/bind/bind.hash
index 4eb3aff3b1..282b2aeba3 100644
--- a/package/bind/bind.hash
+++ b/package/bind/bind.hash
@@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/bind9/9.11.19/bind-9.11.19.tar.gz.asc
+# Verified from https://ftp.isc.org/isc/bind9/9.11.20/bind-9.11.20.tar.gz.asc
 # with key AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38
-sha256  0dee554a4caa368948b32da9a0c97b516c19103bc13ff5b3762c5d8552f52329  bind-9.11.19.tar.gz
+sha256  306831a738a275693bbe1d6839a09b34a2c8b5c26f8a42ea57ef000a6a99c2b6  bind-9.11.20.tar.gz
 sha256  da2aec2b7f6f0feb16bcb080e2c587375fd3195145f047e4d92d112f5b9db501  COPYRIGHT
diff --git a/package/bind/bind.mk b/package/bind/bind.mk
index 362a26dce6..80f8defca8 100644
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.19
+BIND_VERSION = 9.11.20
 BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)