Commit Graph

120 Commits

Author SHA1 Message Date
Shea Levy
60c8c02877
bind: Remove unnecessary environment defines. 2018-03-01 18:33:36 -05:00
Shea Levy
a1e219e562
bind: Fix cross-compilation 2018-02-28 15:01:31 -05:00
Tim Steinbach
54415188b2
bind: 9.11.2 -> 9.12.0 2018-02-25 13:20:47 -05:00
Will Dietz
24dd0323b1 bind: perl as nativeBuildInput 2018-01-22 17:24:53 -06:00
adisbladis
ca094d7af2
bind: License changed to MPL 2.0 2018-01-17 09:39:20 +08:00
Andreas Rammhold
d2b852fe7d
bind: 9.11.2 -> 9.11.2-P1 (fixes CVE-2017-3145, CVE-2017-3143, CVE-2017-3141 & CVE-2017-3140)
For more details see [1].

[1] http://ftp.isc.org/isc/bind9/9.11.2-P1/RELEASE-NOTES-bind-9.11.2-P1.html
2018-01-17 02:29:13 +01:00
Dylan Simon
0f881aec23 bind: explicitly disable lmdb
Autodetected by default (so should be disabled) but avoid finding a
broken system version.
2017-12-21 15:07:22 -05:00
Gregor Kleen
a2e40f7254 nixpkgs/bind: use python3 2017-11-17 14:03:30 +01:00
Gregor Kleen
9826f5cc3c nixos/nsd: automatic DNSSEC using BIND toolset 2017-11-16 01:52:28 +01:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Franz Pletz
cfbac7bbad
bind: 9.11.1-P2 -> 9.11.2 for multiple CVEs
See: https://kb.isc.org/article/AA-01522

Fixes: CVE-2017-3140 CVE-2017-3141 CVE-2017-3142 CVE-2017-3143
2017-08-01 10:26:20 +02:00
Tim Steinbach
171c088754
bind: 9.10.5-P2 -> 9.11.1-P2 2017-06-30 13:52:04 -04:00
Peter Simons
c4430ba248 bind: update to version 9.10.5-P2 to fix CVE-2017-3142 and CVE-2017-3143 2017-06-29 22:15:01 +02:00
Franz Pletz
72c36db003
bind: 9.10.5 -> 9.10.5-P1 for CVE-2017-3140 2017-06-15 13:43:09 +02:00
Robin Gloster
b447f624c3
bind: 9.10.4-P6 -> 9.10.5 2017-05-20 14:24:57 +02:00
Franz Pletz
eb79649414
bind: disable seccomp by default
Fixes #25645 & #23431.
2017-05-09 18:19:38 +02:00
Nikolay Amiantov
f1e7a60b16
dnsutils: +sigchase support for dig
Fixes #10728, closes #22989.
The dnsutils output got ~60kiB bigger, and I see no extra runtime deps.
2017-02-19 12:13:05 +01:00
Franz Pletz
da5eaa3c21
bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
See https://kb.isc.org/article/AA-01453.

cc #22549
2017-02-09 10:44:16 +01:00
Peter Simons
2fd0a9f3c7 bind: update to 9.10.4-P5 (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778) 2017-01-12 10:00:22 +01:00
Franz Pletz
e6708cea37
bind: fix collision of binaries in outputs
Using outputsToInstall the intended behaviour of including host and dnsutils
when bind is installed can be implemented instead of using symlinks to fix
installing all outputs individually with nix-env.

Fixes #19761.
2017-01-07 02:44:54 +01:00
Vladimír Čunát
f0b9ecfa01
bind: fixup more openssl.dev references 2016-12-08 19:10:19 +01:00
Peter Simons
0b180d1ca4 bind: update to 9.10.4-P4 to fix CVE-2016-8864 2016-11-01 22:16:26 +01:00
Tuomas Tynkkynen
b4d8f8b8e2 bind: Disable seccomp on non-x86
The list of permitted syscalls in the seccomp sandbox is only defined
for x86. It fails to build otherwise:

````
In file included from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/magic.h:23:0,
                 from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/app.h:89,
                 from ./main.c:26:
./main.c: In function 'setup_seccomp':
./main.c:848:17: error: 'scmp_syscalls' undeclared (first use in this function)
  INSIST((sizeof(scmp_syscalls) / sizeof(int)) ==
````
2016-10-16 23:37:48 +03:00
Franz Pletz
fa405aa264 bind: split out dnsutils & host binaries (#18903)
These tools are commonly used but don't require the other bind binaries.
Bind's libs are used, so they've also been split into an extra output.

The old version of host isn't maintained anymore and was removed From Debian
back in 2009: https://packages.qa.debian.org/h/host.html
2016-10-08 16:01:15 +02:00
Franz Pletz
96b1d15e0c
bind: enable seccomp on linux 2016-09-28 10:50:25 +02:00
Peter Simons
8aaf610d4d bind: cosmetic fix for Emacs' syntax highlighting 2016-09-27 19:30:21 +02:00
Peter Simons
7a5ff282aa bind: update to version 9.10.4-P3 to fix CVE-2016-2776 2016-09-27 19:29:51 +02:00
Tim Steinbach
dbbff67754 bind: 9.10.4 -> 9.10.4-P2 (#18880) 2016-09-24 01:55:00 +02:00
Tuomas Tynkkynen
048a30e4e4 treewide: Fix dev references to libxml2 2016-08-30 03:02:32 +03:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Vladimír Čunát
c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
ff24ce23c9 bind: Fix references to openssl in *.la files
Avoids reference to the OpenSSL development headers.
2016-05-18 23:05:51 +03:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Tuomas Tynkkynen
0561e14c3b bind: Split into multiple outputs
A patch is needed to make bind not print its configure flags on
'named -V'.
2016-05-14 22:12:59 +03:00
Tuomas Tynkkynen
e460267737 bind: Attempt to fix Darwin OpenSSL linking
Issue #15279 reports:

````
Checking for OpenSSL library... using OpenSSL from /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/lib and /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/include
checking whether linking with OpenSSL works... no
configure: error: Could not run test program using OpenSSL from
/nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/lib and /nix/store/c6kijfc5py2805lmqczvmcws5cm9jg1l-openssl-1.0.2g-dev/include.
Please check the argument to --with-openssl and your
shared library configuration (e.g., LD_LIBRARY_PATH).
builder for ‘/nix/store/54nni99j4ycwws6zfjwcvv8vxsdk895i-bind-9.10.4.drv’ failed with exit code 1
````
2016-05-13 23:31:30 +03:00
Alexander Ried
5be72c23ea bind: LibreSSL compatibility added upstream 2016-05-03 04:58:01 +02:00
Alexander Ried
19ce448380 bind: 9.10.3-P4 -> 9.10.4 2016-05-03 04:58:01 +02:00
Franz Pletz
404a699a20 bind: 9.10.3 -> 9.10.3-P4 (security)
Fixes:

  * CVE-2016-1285: https://kb.isc.org/article/AA-01352/
  * CVE-2016-1286: https://kb.isc.org/article/AA-01353/
2016-03-21 03:53:21 +01:00
Franz Pletz
0e07172c6d bind: Fix patching Makefile.in
There is no postPatchPhase.
2015-12-25 21:39:56 -05:00
Robin Gloster
bdfc4efd67 bind: add patch to build with libressl 2.3 2015-12-23 22:08:33 +00:00
William A. Kennington III
ecd90e61cc bind: 9.10.2-P4 -> 9.10.3 2015-09-17 14:12:38 -07:00
William A. Kennington III
21370fb150 bind: 9.10.2-P3 -> 9.10.2-P4 2015-09-02 21:49:43 -07:00
William A. Kennington III
3932ba7a54 bind: 9.10.2-P2 -> 9.10.2-P3 2015-07-29 10:36:45 -07:00
Pascal Wittmann
007e288912 bind: update from 9.10.2 to 9.10.2-P2, fixes CVE-2015-4620 2015-07-10 18:20:29 +02:00
Eelco Dolstra
ab8b68cd99 Revert "bind: Modify build"
This reverts commit 0a06b99d69.
2015-06-04 14:54:51 +02:00
Eelco Dolstra
676fbc2578 Revert "bind: Enable parallel building"
This reverts commit e74b5704a8.
2015-06-04 14:54:51 +02:00
Eelco Dolstra
4fdf489073 Revert "dnsutils: Add smaller derivation of bind"
This reverts commit bb6ac771c4.
2015-06-04 14:54:51 +02:00
Eelco Dolstra
0a4de71cb0 Revert "bind: Add propagatedBuildInputs"
This reverts commit 9f70b1ab31.
2015-06-04 14:54:51 +02:00
William A. Kennington III
9f70b1ab31 bind: Add propagatedBuildInputs 2015-05-24 15:01:21 -07:00
William A. Kennington III
bb6ac771c4 dnsutils: Add smaller derivation of bind 2015-05-23 22:26:23 -07:00
William A. Kennington III
e74b5704a8 bind: Enable parallel building 2015-05-23 20:07:51 -07:00
William A. Kennington III
0a06b99d69 bind: Modify build 2015-05-23 19:07:13 -07:00
koral
f1e615f6df bind: 9.9.5-W1 -> 9.10.2 + added rndc key 2015-03-01 20:02:09 +00:00
Bjørn Forsman
c9baba9212 Fix many package descriptions
(My OCD kicked in today...)

Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.

I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.

I've tried to stay away from generated expressions (and I think I
succeeded).

Some specifics worth mentioning:
 * cron, has "Vixie Cron" in its description. The "Vixie" part is not
   mentioned anywhere else. I kept it in a parenthesis at the end of the
   description.

 * ctags description started with "Exuberant Ctags ...", and the
   "exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
   at the end of description.

 * nix has the description "The Nix Deployment System". Since that
   doesn't really say much what it is/does (especially after removing
   the package name!), I changed that to "Powerful package manager that
   makes package management reliable and reproducible" (borrowed from
   nixos.org).

 * Tons of "GNU Foo, Foo is a [the important bits]" descriptions
   is changed to just [the important bits]. If the package name doesn't
   contain GNU I don't think it's needed to say it in the description
   either.
2014-08-24 22:31:37 +02:00
Patrick Mahoney
b947cde3a5 bind: Expand to all unix platforms. 2014-08-04 15:09:07 -05:00
Peter Simons
b0c2354809 bind: update to version 9.9.5-W1 (fixes CVE-2013-6230 and CVE 2014-0591) 2014-03-03 13:10:05 +01:00
Peter Simons
6603ef3bf8 bind: update to version 9.9.4-P2 2014-01-14 15:55:24 +01:00
Peter Simons
516377c0b6 bind: update to 9.9.3-p2 to fix CVE-2013-4854 2013-07-28 13:50:11 +02:00
Peter Simons
2e618df532 bind: avoid build impurity by explicitly enabling/disabling features
The BIND configure script finds extra dependencies in /usr/include and /usr/lib,
and activates additional features if it does. This may cause the build to fail
on systems that cannot use a chroot environment. Actively disabling those
additional features prevents this issue from occurring.
2013-06-10 15:38:00 +02:00
Peter Simons
bfa846cd6e bind: update to 9.9.3-P1 to fix CVE-2013-3919 2013-06-07 13:27:12 +02:00
Peter Simons
e655ac24d2 bind: add meta.license attribute 2013-04-01 11:46:14 +02:00
Peter Simons
d95c79bad7 bind: update to version 9.9.2-P2 to fix CVE 2010-4051 /2010-4052 2013-04-01 11:46:13 +02:00
Michael Raskin
8eec7bf2f6 Updating BIND to freshest version 9.9.2 2012-10-17 16:27:38 +04:00
Eelco Dolstra
3cf0b00b5a bind: Update to 9.7.6-P3
Fixes CVE-2012-4244.
2012-10-02 11:48:54 -04:00
Eelco Dolstra
36667965f9 * Updated bind to 9.7.6-P1, which includes a fix for CVE-2012-1667.
svn path=/nixpkgs/trunk/; revision=34370
2012-06-06 15:51:48 +00:00
Lluís Batlle i Rossell
8dc9474e4d Making bind use /var/run/named instead of $out/var/run/named for the runtime temporary files.
svn path=/nixpkgs/trunk/; revision=25509
2011-01-11 22:08:43 +00:00
Lluís Batlle i Rossell
a9345a51c5 Updating bind
svn path=/nixpkgs/trunk/; revision=25457
2011-01-07 11:33:04 +00:00
Eelco Dolstra
7f5b839524 * Removed selectVersion. There's no good reason to write
`selectVersion ./foo "bar"' instead of `import ./foo/bar.nix'.
* Replaced `with args' with formal function arguments in several
  packages.
* Renamed several files to `default.nix'.  As a general rule, version
  numbers should only be included in the filename when there is a
  reason to keep multiple versions of a package in Nixpkgs.
  Otherwise, it just makes it harder to update the package.

svn path=/nixpkgs/trunk/; revision=18403
2009-11-18 09:39:59 +00:00
Michael Raskin
3d7f5dd7d6 Added BIND
svn path=/nixpkgs/trunk/; revision=12064
2008-06-12 18:10:08 +00:00