source: projects/specs/branches/6/d/dnsmasq/dnsmasq-vl.spec @ 11195

Revision 11195, 8.7 KB checked in by iwamoto, 6 years ago (diff)

dnsmasq: add patch CVE-2017-14491

Line 
1Name:           dnsmasq
2Version:        2.45
3Release:        3%{?_dist_release}
4Summary:        A lightweight DHCP/caching DNS server
5Summary(ja):    軽量 DHCP/DNSキャッシュサーバ
6
7Group:          System Environment/Daemons
8License:        GPLv2 or GPLv3
9URL:            http://www.thekelleys.org.uk/dnsmasq/
10Source0:        http://www.thekelleys.org.uk/dnsmasq/%{name}-%{version}.tar.gz
11Patch0:         %{name}-2.33-initscript.patch
12Patch1:         %{name}-configuration.patch
13Patch100:       dnsmasq-2.45_CVE-2017-14491.patch
14
15BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
16
17BuildRequires:  dbus-devel
18BuildRequires:  pkgconfig
19
20Requires(post):  /sbin/chkconfig
21Requires(post):  /sbin/service
22Requires(post):  /bin/sed /bin/grep
23Requires(preun): /sbin/chkconfig
24Requires(preun): /sbin/service
25
26Vendor: Project Vine
27Distribution: Vine Linux
28
29%description
30Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server.
31It is designed to provide DNS and, optionally, DHCP, to a small network.
32It can serve the names of local machines which are not in the global
33DNS. The DHCP server integrates with the DNS server and allows machines
34with DHCP-allocated addresses to appear in the DNS with names configured
35either in each host or in a central configuration file. Dnsmasq supports
36static and dynamic DHCP leases and BOOTP for network booting of diskless
37machines.
38
39
40%prep
41%setup -q -n %{name}-%{version}
42%patch0 -p1
43%patch1 -p1
44
45%patch100 -p1 -b .CVE-2017-14491
46
47%build
48make %{?_smp_mflags}
49
50
51%install
52rm -rf $RPM_BUILD_ROOT
53# normally i'd do 'make install'...it's a bit messy, though
54mkdir -p $RPM_BUILD_ROOT%{_sbindir} $RPM_BUILD_ROOT%{_initrddir} \
55        $RPM_BUILD_ROOT%{_mandir}/man8 \
56        $RPM_BUILD_ROOT%{_var}/lib/dnsmasq \
57        $RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.d \
58        $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d
59install src/dnsmasq $RPM_BUILD_ROOT%{_sbindir}/dnsmasq
60install dnsmasq.conf.example $RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.conf
61install dbus/dnsmasq.conf $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d/
62install rpm/dnsmasq.init $RPM_BUILD_ROOT%{_initrddir}/dnsmasq
63install -m 644 man/dnsmasq.8 $RPM_BUILD_ROOT%{_mandir}/man8/
64
65%clean
66rm -rf $RPM_BUILD_ROOT
67
68%post
69if [ "$1" = "2" ]; then # if we're being upgraded
70    # if using the old leases location, move the file to the new one
71    # but only if we're not clobbering another file
72    #
73    if [ -f /var/lib/misc/dnsmasq.leases -a ! -f /var/lib/dnsmasq/dnsmasq.leases ]; then
74        # causes rpmlint to report dangerous-command-in-post,
75        # but that's the price of selinux compliance :-(
76        mv -f /var/lib/misc/dnsmasq.leases /var/lib/dnsmasq/dnsmasq.leases || :
77    fi
78    # ugly, but kind of necessary
79    if [ ! `grep -q dhcp-leasefile=/var/lib/misc/dnsmasq.leases %{_sysconfdir}/dnsmasq.conf` ]; then
80        cp %{_sysconfdir}/dnsmasq.conf %{_sysconfdir}/dnsmasq.conf.tmp || :
81        sed -e 's/var\/lib\/misc/var\/lib\/dnsmasq/' < %{_sysconfdir}/dnsmasq.conf.tmp > %{_sysconfdir}/dnsmasq.conf || :
82        rm -f %{_sysconfdir}/dnsmasq.conf.tmp || :
83    fi
84    /sbin/service dnsmasq condrestart >/dev/null 2>&1 || :
85else # if we're being installed
86    /sbin/chkconfig --add dnsmasq
87fi
88
89%preun
90if [ "$1" = "0" ]; then     # execute this only if we are NOT doing an upgrade
91    /sbin/service dnsmasq stop >/dev/null 2>&1 || :
92    /sbin/chkconfig --del dnsmasq
93fi
94
95
96%files
97%defattr(-,root,root,-)
98%doc CHANGELOG COPYING FAQ doc.html setup.html dbus/DBus-interface
99%config(noreplace) %attr(644,root,root) %{_sysconfdir}/dnsmasq.conf
100%dir /etc/dnsmasq.d
101%dir %{_var}/lib/dnsmasq
102%config(noreplace) %attr(644,root,root) %{_sysconfdir}/dbus-1/system.d/dnsmasq.conf
103%{_initrddir}/dnsmasq
104%{_sbindir}/dnsmasq
105%{_mandir}/man8/dnsmasq*
106
107
108%changelog
109* Tue Oct  3 2017 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.45-3
110- add patch100 for fix CVE-2017-14491
111- add Vendor/Distri tags
112
113* Sun Apr 17 2011 Shu KONNO <owa@bg.wakwak.com> 2.45-2
114- rebuilt with rpm-4.8.1-3
115
116* Thu Jul 31 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 2.45-1
117- initial build for Vine Linux
118
119* Mon Jul 21 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.45-1
120- Upstream release (bugfixes)
121
122* Wed Jul 16 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.43-2
123- New upstream release, contains fixes for CVE-2008-1447/CERT VU#800113
124- Dropped patch for newer glibc (merged upstream)
125
126* Wed Feb 13 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.8
127- Added upstream-authored patch for newer glibc (thanks Simon!)
128
129* Wed Feb 13 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.7
130- New upstream release
131
132* Wed Jan 30 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.6.rc1
133- Release candidate
134- Happy Birthday Isaac!
135
136* Wed Jan 23 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.5.test30
137- Bugfix update
138
139* Mon Dec 31 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.4.test26
140- Bugfix/feature enhancement update
141
142* Thu Dec 13 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.3.test24
143- Upstream fix for fairly serious regression
144
145* Tue Dec 04 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.2.test20
146- New upstream test release
147- Moving dnsmasq.leases to /var/lib/dnsmasq/ as per BZ#407901
148- Ignoring dangerous-command-in-%%post rpmlint warning (as per above fix)
149- Patch consolidation/cleanup
150- Removed conditionals for Fedora <= 3 and Aurora 2.0
151
152* Tue Sep 18 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.40-1
153- Finalized upstream release
154- Removing URLs from patch lines (CVS is the authoritative source)
155- Added more magic to make spinning rc/test packages more seamless
156
157* Sun Aug 26 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.40-0.1.rc2
158- New upstream release candidate (feature-frozen), thanks Simon!
159- License clarification
160
161* Tue May 29 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.39-1
162- New upstream version (bugfixes, enhancements)
163
164* Mon Feb 12 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.38-1
165- New upstream version with bugfix for potential hang
166
167* Tue Feb 06 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.37-1
168- New upstream version
169
170* Wed Jan 24 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.36-1
171- New upstream version
172
173* Mon Nov 06 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.35-2
174- Stop creating /etc/sysconfig on %%install
175- Create /etc/dnsmasq.d on %%install
176
177* Mon Nov 06 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.35-1
178- Update to 2.35
179- Removed UPGRADING_to_2.0 from %%doc as per upstream change
180- Enabled conf-dir in default config as per RFE BZ#214220 (thanks Chris!)
181- Added %%dir /etc/dnsmasq.d to %%files as per above RFE
182
183* Tue Oct 24 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.34-2
184- Fixed BZ#212005
185- Moved %%postun scriptlet to %%post, where it made more sense
186- Render scriptlets safer
187- Minor cleanup for consistency
188
189* Thu Oct 19 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.34-1
190- Hardcoded version in patches, as I'm getting tired of updating them
191- Update to 2.34
192
193* Mon Aug 28 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.33-2
194- Rebuild for FC6
195
196* Tue Aug 15 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.33-1
197- Update
198
199* Sat Jul 22 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-3
200- Added pkgconfig BuildReq due to reduced buildroot
201
202* Thu Jul 20 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-2
203- Forced update due to dbus version bump
204
205* Mon Jun 12 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-1
206- Update from upstream
207- Patch from Dennis Gilmore fixed the conditionals to detect Aurora Linux
208
209* Mon May  8 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.31-1
210- Removed dbus config patch (now provided upstream)
211- Patched in init script (no longer provided upstream)
212- Added DBus-interface to docs
213
214* Tue May  2 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-4.2
215- More upstream-recommended cleanups :)
216- Killed sysconfig file (provides unneeded functionality)
217- Tweaked init script a little more
218
219* Tue May  2 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-4
220- Moved options out of init script and into /etc/sysconfig/dnsmasq
221- Disabled DHCP_LEASE in sysconfig file, fixing bug #190379
222- Simon Kelley provided dbus/dnsmasq.conf, soon to be part of the tarball
223
224* Thu Apr 27 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-3
225- Un-enabled HAVE_ISC_READER, a hack to enable a deprecated feature (request)
226- Split initscript & enable-dbus patches, conditionalized dbus for FC3
227- Tweaked name field in changelog entries (trying to be consistent)
228
229* Mon Apr 24 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-2
230- Disabled stripping of binary while installing (oops)
231- Enabled HAVE_ISC_READER/HAVE_DBUS via patch
232- Added BuildReq for dbus-devel
233
234* Mon Apr 24 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-1
235- Initial Fedora Extras RPM
Note: See TracBrowser for help on using the repository browser.