retitle 681448 unblock: nsd3/3.2.12-1 thank you Hi Niels, > Hi, > > The changes sums up to: > > 79 files changed, 2907 insertions(+), 2130 deletions(-) > > > Which is way more than I can sanely review. Can you generate a manual > debdiff where you filter out the auto-generated files (e.g. > configlexer.c)? That might give a better view of what is happening. This should be much better: 27 files changed, 399 insertions(+), 86 deletions(-) Attached are patches between nsd-3.2.10 and nsd-3.2.12, manually sieved and merged from svn, each change a patch. = CVE-2012-2978.patch = ; Already included in security update query.c | 3 +++ 1 file changed, 3 insertions(+) = dane-protocol-support-TLSA-record.patch = ; Adds new RR type dns.c | 7 ++++++- dns.h | 1 + zparser.y | 13 ++++++++++++- 3 files changed, 19 insertions(+), 2 deletions(-) = minor-changes.patch = ; Miscelaneous small fixes answer.c | 3 ++- difffile.c | 6 ++++-- iterated_hash.c | 2 ++ server.c | 4 ++-- 4 files changed, 10 insertions(+), 5 deletions(-) = enable-dname-compression-again.patch = ; This re-enables old (correct) behaviour for name compression query.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) = fallback-to-axfr.patch = ; Fallback to AXFR if IXFR fails xfrd.c | 11 +++++++++++ 1 file changed, 11 insertions(+) = fd-not-minus-one.patch = ; Various fixes for file descriptor fixes (basically unifying them to (fd != -1)) ipc.c | 6 +++--- netio.c | 4 ++-- server.c | 20 ++++++++++---------- 3 files changed, 15 insertions(+), 15 deletions(-) = fix-for-OpenBSD-accept-spinning.patch = ; OpenBSD related, not applies to us netio.c | 27 ++++++++++++++++++++++++++- netio.h | 5 ++++- server.c | 24 ++++++++++++++++++++---- 3 files changed, 50 insertions(+), 6 deletions(-) = new-dnssec-alg.patch = ; New DNSSEC algorithm mnemonics (ECDSA) rdata.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) = updated-axfr-and-edns0bis-support.patch = ; Update NSD behaviour to match bis RFCs axfr.c | 9 +++++++-- query.c | 5 +++-- 2 files changed, 10 insertions(+), 4 deletions(-) = zone-statistics.patch = ; Add Bind 8 style per zone statistics ; Note that this is just changes in the code and Debian build doesn't ; enable this new configuration option in 3.2.11/3.2.12 build Makefile.in | 2 + configlexer.lex | 1 configparser.y | 12 ++++++- configure.ac | 43 ++++++++++++++++++++++----- namedb.h | 6 +++ nsd-checkconf.c | 15 +++++++++ nsd.c | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++++ nsd.conf.5.in | 3 + nsd.conf.sample.in | 3 + nsd.h | 43 +++++++++++++-------------- options.c | 5 +++ options.h | 1 query.c | 6 +++ server.c | 60 ++++++++++++++++++++++++++++++++++--- util.h | 20 ++++++++++++ 15 files changed, 267 insertions(+), 37 deletions(-) Thank you for considering this, -- Ondřej Surý <ondrej@sury.org>
Attachment:
CVE-2012-2978.patch
Description: Binary data
Attachment:
dane-protocol-support-TLSA-record.patch
Description: Binary data
Attachment:
enable-dname-compression-again.patch
Description: Binary data
Attachment:
fallback-to-axfr.patch
Description: Binary data
Attachment:
fd-not-minus-one.patch
Description: Binary data
Attachment:
fix-for-OpenBSD-accept-spinning.patch
Description: Binary data
Attachment:
new-dnssec-alg.patch
Description: Binary data
Attachment:
updated-axfr-and-edns0bis-support.patch
Description: Binary data
Attachment:
zone-statistics.patch
Description: Binary data
Attachment:
minor-changes.patch
Description: Binary data