9 years ago · a681221e3b
--- a/b/bind/bind-vl.spec
+++ b/b/bind/bind-vl.spec
@@ -2,8 +2,8 @@
 
				 
			
 
				 %define sname bind
			
 
				 %define pname bind
			
 
				-%define pversion 9.9.6.P1
			
 
				-%define sversion 9.9.6-P1
			
 
				+%define pversion 9.9.6.P2
			
 
				+%define sversion 9.9.6-P2
			
 
				 %define bind_epoch 1
			
 
				 # fixed <BTS:VineLinux:1139>
			
 
				 %define old_bind_version 1:9.9.2p2-1vl7
			
@@ -15,7 +15,7 @@ Summary: A DNS (Domain Name System) server.
 
				 Summary(ja): DNS (Domain Name System) サーバ
			
 
				 Name: %{pname}
			
 
				 Version: %{pversion}
			
 
				-Release: 3%{?_dist_release}
			
 
				+Release: 1%{?_dist_release}
			
 
				 Epoch: %{bind_epoch}
			
 
				 License: distributable
			
 
				 Group: System Environment/Daemons
			
@@ -30,7 +30,7 @@ Source5: keygen.c
 
				 Patch1: bind-9.3.3rc2-rndckey.patch
			
 
				 
			
 
				 BuildRoot: %{_tmppath}/%{name}-%{version}-root
			
 
				-BuildRequires: openssl-devel glibc-devel libtool
			
 
				+BuildRequires: openssl-devel glibc-devel libtool readline-devel
			
 
				 BuildRequires: libxml2-devel
			
 
				 BuildRequires: libcap-devel
			
 
				 Requires(pre): %{pname}-utils = %{bind_epoch}:%{version}-%{release}
			
@@ -287,7 +287,6 @@ fi
 
				 %{_mandir}/man1/nslookup.1*
			
 
				 %{_mandir}/man8/nslookup.8*
			
 
				 
			
 
				-
			
 
				 %files devel
			
 
				 %defattr(-,root,root)
			
 
				 %{_libdir}/*.so
			
@@ -300,9 +299,13 @@ fi
 
				 %{_bindir}/isc-config.sh
			
 
				 
			
 
				 %changelog
			
 
				+* Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 9.9.6.P2-1
			
 
				+- new upstream release with secrity fix (CVE-2015-1349)
			
 
				+- added BR: readline-devel
			
 
				+
			
 
				 * Fri Feb  6 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 9.9.6.P1-3
			
 
				 - new upstream release with secrity fix (CVE-2014-8500)  
			
 
				-- used "3" as release number  because of being newer than Vine Linux/6 updates
			
 
				+- used "3" as release number because of being newer than Vine Linux/6 updates
			
 
				 
			
 
				 * Tue Oct 08 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 9.9.4-1
			
 
				 - update to 9.9.4(ESV)
			
--- a/n/ntp/ntp-vl.spec
+++ b/n/ntp/ntp-vl.spec
@@ -4,7 +4,7 @@ Summary: Synchronizes system time using the Network Time Protocol (NTP).
 
				 Summary(ja): Network Time Protocol (NTP) を用いたシステム時刻の同期
			
 
				 Name: ntp
			
 
				 Version: 4.2.6p5
			
 
				-Release: 3%{?_dist_release}
			
 
				+Release: 4%{?_dist_release}
			
 
				 License: distributable
			
 
				 Group: System Environment/Daemons
			
 
				 URL: http://www.ntp.org/
			
@@ -77,6 +77,8 @@ Patch100: ntp-4.2.6p5-cve-2014-9293.patch
 
				 Patch110: ntp-4.2.6p5-cve-2014-9294.patch
			
 
				 Patch120: ntp-4.2.6p3_CVE-2014-9295.patch
			
 
				 Patch130: ntp-4.2.6p3_CVE-2014-9296.patch
			
 
				+Patch140: ntp-4.2.6p3-CVE-2014-9297.patch
			
 
				+Patch150: ntp-4.2.6p5-CVE-2014-9298.patch
			
 
				 
			
 
				 Requires(pre): /sbin/chkconfig
			
 
				 # PreReq: /sbin/chkconfig
			
@@ -156,11 +158,12 @@ sed -i 's|/var/db/ntp-kod|%{_localstatedir}/lib/ntp/sntp-kod|' sntp/{sntp.1,main
 
				 %patch60 -p0 -b .NANO
			
 
				 
			
 
				 # security
			
 
				-# %patch100 -p1 -b .CVE-2009-0159
			
 
				 %patch100 -p1 -b .cve-2014-9293
			
 
				 %patch110 -p1 -b .cve-2014-9294
			
 
				 %patch120 -p1 -b .CVE-2014-9295
			
 
				 %patch130 -p1 -b .CVE-2014-9296
			
 
				+%patch140 -p1 -b .CVE-2014-9297
			
 
				+%patch150 -p1 -b .CVE-2014-9298
			
 
				 
			
 
				 %build
			
 
				 # autoconf
			
@@ -272,6 +275,13 @@ fi
 
				 %{_mandir}/man8/ntptrace.8*
			
 
				 
			
 
				 %changelog
			
 
				+* Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 4.2.6p5-4
			
 
				+- added patch140 and 150 from Vine Linux/6
			
 
				+  * Mon Feb  9 2015 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 4.2.6p3-5
			
 
				+  - add patch140 for fix CVE-2014-9297 (length value in extension fields)
			
 
				+  - add patch150 for fix CVE-2014-9298 (bypass ACLs based on IPv6)
			
 
				+    these patches based from debian wheezy, thanks.
			
 
				+  
			
 
				 * Fri Feb  6 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 4.2.6p5-3
			
 
				 - added patch100-130 from Vine Linux/6
			
 
				   * Sun Dec 21 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 4.2.6p3-4
			
--- a/o/openldap/openldap-vl.spec
+++ b/o/openldap/openldap-vl.spec
@@ -16,7 +16,7 @@ Summary: The configuration files, libraries and documentation for OpenLDAP.
 
				 Summary(ja): OpenLDAP の設定ファイル，ライブラリ，ドキュメント.
			
 
				 Name: openldap
			
 
				 Version: 2.4.23
			
 
				-Release: 5%{?_dist_release}
			
 
				+Release: 6%{?_dist_release}
			
 
				 License: OpenLDAP
			
 
				 Group: System Environment/Libraries
			
 
				 URL: http://www.openldap.org/
			
@@ -71,6 +71,8 @@ Patch1141: openldap-cve-relay-rwm-translucent.patch
 
				 Patch1144: openldap-cve-nss-cipher-suite-ignored.patch
			
 
				 ## based CentOS 6.3; openldap 2.4.23-26.el6_3.2
			
 
				 Patch1145: openldap-VineLinux-cve-nss-default-cipher-suite-always-selected.patch
			
 
				+# CVE-2013-4449
			
 
				+Patch1146: openldap-rwm-reference-counting.patch
			
 
				 
			
 
				 BuildRoot: %{_tmppath}/%{name}-%{version}-root
			
 
				 BuildRequires: autoconf, automake, libtool >= 2.2.6a
			
@@ -241,6 +243,8 @@ pushd openldap-%{version}
 
				 %patch1141 -p1 -b .cve-relay-rwm-translucent
			
 
				 %patch1144 -p1 -b .cve-nss-cipher-suite-ignored
			
 
				 %patch1145 -p2 -b .cve-VineLinux-nss-default-cipher-suite-always-selected
			
 
				+# CVE-2013-4449
			
 
				+%patch1146 -p1 -b .rwm-reference-counting
			
 
				 
			
 
				 libtoolize --force --copy
			
 
				 popd
			
@@ -707,6 +711,9 @@ fi
 
				 
			
 
				 
			
 
				 %changelog
			
 
				+* Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-6
			
 
				+- add patch1146 for fix CVE-2013-4449
			
 
				+
			
 
				 * Tue Dec 16 2014 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-5
			
 
				 - added Patch700 to build with libdb 5.3.28