Commit Graph

127 Commits

Author SHA1 Message Date
Vladimír Čunát c76f8d9c7a knot-resolver: maintenance 1.3.0 -> 1.3.1 2017-06-23 14:48:29 +02:00
Vladimír Čunát 75872f3161 knot-dns: security 2.5.1 -> 2.5.2
https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html
2017-06-23 14:48:10 +02:00
Franz Pletz 72c36db003 bind: 9.10.5 -> 9.10.5-P1 for CVE-2017-3140 2017-06-15 13:43:09 +02:00
Franz Pletz 44cb792077 powerdns: 4.0.2 -> 4.0.3 2017-06-13 21:21:59 +02:00
Vladimír Čunát 156a9afb2b knot-resolver: 1.2.6 -> 1.3.0 2017-06-13 10:57:33 +02:00
Vladimír Čunát db0235ce76 knot-dns: quick bugfix 2.5.0 -> 2.5.1 2017-06-07 17:57:42 +02:00
Franz Pletz f18bcc1e2a knot-dns: 2.4.2 -> 2.5.0 2017-06-06 03:59:16 +02:00
Michiel Leenaars 16857df2f3 nsd: fix openssl path in nsd-control-setup
Closes #26002
2017-05-26 10:00:28 +02:00
Michiel Leenaars 51269faa08 nsd: 4.1.15 -> 4.1.16 2017-05-26 10:00:16 +02:00
Robin Gloster b447f624c3 bind: 9.10.4-P6 -> 9.10.5 2017-05-20 14:24:57 +02:00
Franz Pletz eb79649414 bind: disable seccomp by default
Fixes #25645 & #23431.
2017-05-09 18:19:38 +02:00
Vladimír Čunát d7501b986a luajit: 2.1.0-beta2 -> 2.1.0-beta3
The removal of `luaL_reg` alias caused lots of breakage.
Only sysdig and knot-resolver needed (also) other changes.
2017-05-02 14:00:45 +02:00
Vladimír Čunát 125cf35273 knot-resolver: maintenance 1.2.5 -> 1.2.6 2017-04-24 16:36:27 +02:00
Christoph Hrdinka 60160234aa nsd: 4.1.14 -> 4.1.15 2017-04-08 21:49:13 +02:00
Vladimír Čunát 44168b4b22 knot-resolver: update the source hash
Just nitpick changes in the tarball, minutes after the release.
2017-04-05 16:08:11 +02:00
Vladimír Čunát 12839e4599 knot-resolver: maintenance 1.2.4 -> 1.2.5 2017-04-05 15:49:27 +02:00
John Ericson 4c0d7da183 Get rid of all with { inherit... } and just used let inherit...
The old forms presumably predates, or were made in ignorance of,
`let inherit`. This way is better style as the scoping as more lexical,
something which Nix can (or might already!) take advantage of.
2017-03-30 03:05:05 -04:00
Vladimír Čunát 070ae18422 knot-dns: maintenance 2.4.1 -> 2.4.2 2017-03-23 16:34:11 +01:00
Vladimír Čunát 74f92e9556 knot-resolver: maintenance 1.2.3 -> 1.2.4 2017-03-09 21:25:45 +01:00
Vladimír Čunát cb63a0b2da knot-resolver: maintenance 1.2.2 -> 1.2.3
Just tiny fixes for some rare circumstances.
https://lists.nic.cz/pipermail/knot-dns-users/2017-February/001066.html
2017-02-23 16:23:23 +01:00
Rene Treffer 055d6399ef coredns: 001 -> 005 2017-02-19 21:26:10 +01:00
Nikolay Amiantov f1e7a60b16 dnsutils: +sigchase support for dig
Fixes #10728, closes #22989.
The dnsutils output got ~60kiB bigger, and I see no extra runtime deps.
2017-02-19 12:13:05 +01:00
Vladimír Čunát e5ac6bc999 knot-resolver: use embedded lmdb on Darwin for now
I don't know what's wrong there, and Darwin isn't among primary platforms
for kresd.
2017-02-15 10:23:44 +01:00
Vladimír Čunát 2fce8dda39 knot-dns: fixup Darwin build again, hopefully 2017-02-14 00:47:26 +01:00
Vladimír Čunát 935ede8a59 knot-resovler: use shared lmdb now 2017-02-13 16:56:54 +01:00
Vladimír Čunát 5b75338a50 knot-dns: use shared lmdb 2017-02-13 16:50:39 +01:00
Vladimír Čunát 45b1d0cb8c knot-dns: maintenance 2.4.0 -> 2.4.1 2017-02-11 17:51:57 +01:00
Vladimír Čunát 0b7fec6272 knot-resolver: maintenance 1.2.1 -> 1.2.2
In particular, trust anchor bootstrapping is fixed after IANA publishing
an additional key.
2017-02-11 17:47:45 +01:00
Christoph Hrdinka 3047bb2e9c nsd: 4.1.13 -> 4.1.14
* Fix #1132 for SERVFAIL zones perform backoff, and remembers the timeout on next startup.

* Fix null memcpy for radixtree with single link element.
* Robust fix against missing master in tcp_open for xfrd.
* Fix wildcards in include: config statements with chroot enabled.
* suppress compile warning in lex files.
* Fix to try every master once, then wait for timeout or notify.
* Save backoff timeout into xfrd.state file, this file has a higher version number now. Old files are skipped silently (causes refresh) and created as new files upon exit.
* Fix restart of zone transfers when new config becomes available.
2017-02-10 15:12:18 +01:00
Franz Pletz da5eaa3c21 bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
See https://kb.isc.org/article/AA-01453.

cc #22549
2017-02-09 10:44:16 +01:00
Vladimír Čunát c3badbb366 knot-resolver: 1.2.0 -> 1.2.1
It mainly fixes a single issue that perhaps has a minor security impact.
https://lists.nic.cz/pipermail/knot-dns-users/2017-February/001045.html
2017-02-01 22:46:15 +01:00
Vladimír Čunát dacbca2730 knot-dns: yet another attempt to fix build on Darwin 2017-01-31 12:53:24 +01:00
Vladimír Čunát 612333a770 knot-resolver: yet another attempt to fix build on Darwin 2017-01-30 20:08:16 +01:00
Vladimír Čunát 7f7faab009 knot-dns: yet another attempt to fix build on Darwin 2017-01-30 16:10:59 +01:00
Vladimír Čunát 196b87f707 knot-dns: another attempt to fix build on Darwin 2017-01-30 11:55:30 +01:00
Vladimír Čunát fd32b16f9e knot-dns: another attempt to fix build on Darwin
The effort is getting long, without any direct access to a Darwin machine.
2017-01-30 10:09:44 +01:00
Vladimír Čunát f27fb8ab75 knot-{dns,resolver}: try to fix on darwin
Evaluation works now, at least.
2017-01-25 22:42:20 +01:00
Vladimír Čunát 278bbe3b33 add kresd service with basic options
Still celebrating today's 1.2.0 release!
2017-01-25 18:46:28 +01:00
Vladimír Čunát 5d5fb4a2fb knot-resolver: init at 1.2.0
Celebrating today's release!
2017-01-25 15:22:09 +01:00
rnhmjoj d79ea39d04 pdns-recursor: init at 4.0.4 2017-01-23 08:09:51 +01:00
Vladimír Čunát 64b7f096e6 knot-dns: 2.3.3 -> 2.4.0 2017-01-19 11:23:21 +01:00
Jörg Thalheim 1fe51342a9 powerdns: 4.0.1 -> 4.0.2 2017-01-14 23:01:56 +01:00
Peter Simons 2fd0a9f3c7 bind: update to 9.10.4-P5 (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778) 2017-01-12 10:00:22 +01:00
Franz Pletz e6708cea37 bind: fix collision of binaries in outputs
Using outputsToInstall the intended behaviour of including host and dnsutils
when bind is installed can be implemented instead of using symlinks to fix
installing all outputs individually with nix-env.

Fixes #19761.
2017-01-07 02:44:54 +01:00
Vladimír Čunát df07922e3e knot-dns: init at 2.3.3
Only .lib is tested ATM.
2016-12-13 15:31:29 +01:00
Vladimír Čunát f0b9ecfa01 bind: fixup more openssl.dev references 2016-12-08 19:10:19 +01:00
Peter Simons 0b180d1ca4 bind: update to 9.10.4-P4 to fix CVE-2016-8864 2016-11-01 22:16:26 +01:00
Graham Christensen c48fd00fae nsd: 4.1.12 -> 4.1.13 for CVE-2016-6173
Closes #19685
2016-10-19 15:16:54 +02:00
Tuomas Tynkkynen b4d8f8b8e2 bind: Disable seccomp on non-x86
The list of permitted syscalls in the seccomp sandbox is only defined
for x86. It fails to build otherwise:

````
In file included from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/magic.h:23:0,
                 from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/app.h:89,
                 from ./main.c:26:
./main.c: In function 'setup_seccomp':
./main.c:848:17: error: 'scmp_syscalls' undeclared (first use in this function)
  INSIST((sizeof(scmp_syscalls) / sizeof(int)) ==
````
2016-10-16 23:37:48 +03:00
Franz Pletz fa405aa264 bind: split out dnsutils & host binaries (#18903)
These tools are commonly used but don't require the other bind binaries.
Bind's libs are used, so they've also been split into an extra output.

The old version of host isn't maintained anymore and was removed From Debian
back in 2009: https://packages.qa.debian.org/h/host.html
2016-10-08 16:01:15 +02:00