Package: guix-patches;
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Wed, 8 Dec 2021 19:58:02 UTC
Severity: normal
Done: Tobias Geerinckx-Rice <me <at> tobias.gr>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 52377 in the body.
You can then email your comments to 52377 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Wed, 08 Dec 2021 19:58:02 GMT) Full text and rfc822 format available.Leo Famulari <leo <at> famulari.name>:guix-patches <at> gnu.org.
(Wed, 08 Dec 2021 19:58:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: guix-patches <at> gnu.org Subject: [security]: Update BIND DNS Date: Wed, 8 Dec 2021 14:56:53 -0500
[Message part 1 (text/plain, inline)]
The following two patches update the BIND 9 DNS package, as well as the bundled BIND in isc-dhcp. Please test them on your Guix Systems.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Wed, 08 Dec 2021 20:04:01 GMT) Full text and rfc822 format available.Message #8 received at 52377 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name>
To: 52377 <at> debbugs.gnu.org
Subject: [security 1/2] gnu: BIND: Update to 9.16.23 [fixes CVE-2021-{25218,
25219}].
Date: Wed, 8 Dec 2021 15:03:25 -0500
* gnu/packages/dns.scm (isc-bind): Update to 9.16.23.
---
gnu/packages/dns.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 0c2e037b4f..dbd67125d0 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -373,7 +373,7 @@ (define-public isc-bind
;; When updating, check whether isc-dhcp's bundled copy should be as well.
;; The BIND release notes are available here:
;; https://www.isc.org/bind/
- (version "9.16.16")
+ (version "9.16.23")
(source (origin
(method url-fetch)
(uri (string-append
@@ -381,7 +381,7 @@ (define-public isc-bind
"/bind-" version ".tar.xz"))
(sha256
(base32
- "0yqxfq7qc26x7qhk0nkp8h7x9jggzaafm712bvfffy7qml13k4bc"))))
+ "0g0pxzhzcz6nzkiab4cs9sgbjdzqgy44aa477v7akdlwm8kmxnyy"))))
(build-system gnu-build-system)
(outputs `("out" "utils"))
(inputs
--
2.34.0
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Wed, 08 Dec 2021 20:04:02 GMT) Full text and rfc822 format available.Message #11 received at 52377 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 52377 <at> debbugs.gnu.org Subject: [security 2/2] gnu: isc-dhcp: Update bundled BIND to 9.11.36 [fixes CVE-2021-25219]. Date: Wed, 8 Dec 2021 15:03:26 -0500
* gnu/packages/admin.scm (isc-dhcp)[inputs]: Update bundled BIND to 9.11.36.
---
gnu/packages/admin.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 8e55d980e0..ce12c01582 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -1152,7 +1152,7 @@ (define-public alive
(define-public isc-dhcp
(let* ((bind-major-version "9")
(bind-minor-version "11")
- (bind-patch-version "32")
+ (bind-patch-version "36")
(bind-release-type "") ; for patch release, use "-P"
(bind-release-version "") ; for patch release, e.g. "6"
(bind-version (string-append bind-major-version
@@ -1312,7 +1312,7 @@ (define-public isc-dhcp
"/bind-" bind-version ".tar.gz"))
(sha256
(base32
- "0hhkb4d14hvly2751cxl2s2xyim3bri8qaisgkcm456xfi5wpy6b"))))
+ "108nh7hha4r0lb5hf1fn7lqaascvhsrghpz6afm5lf9vf2vgqly9"))))
("coreutils*" ,coreutils)
("sed*" ,sed)))
--
2.34.0
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Wed, 08 Dec 2021 20:13:02 GMT) Full text and rfc822 format available.Message #14 received at 52377 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name>
To: 52377 <at> debbugs.gnu.org
Subject: Re: [security 1/2] gnu: BIND: Update to 9.16.23 [fixes
CVE-2021-{25218, 25219}].
Date: Wed, 8 Dec 2021 15:12:20 -0500
On Wed, Dec 08, 2021 at 03:03:25PM -0500, Leo Famulari wrote:
> * gnu/packages/dns.scm (isc-bind): Update to 9.16.23.
This actually fails its test suite, like this:
------
starting phase `check'
for fuzzer in dns_name_fromtext_target dns_rdata_fromwire_text; do \
./${fuzzer} ; \
done
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_name_fromtext_target.in/example.com
mem.c:873: fatal error: RUNTIME_CHECK(((pthread_mutex_lock(((&contextslock))) == 0) ? 0 : 34) == 0) failed
/gnu/store/pwcp239kjf7lnj5i4lkdzcfcxwcfyk72-bash-minimal-5.0.16/bin/bash: line 1: 13086 Aborted ./${fuzzer}
testing 39 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/svcb
testing 6 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/sshfp
testing 6 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/smimea
testing 9 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-99
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-98
testing 17 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-97
testing 11 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-96
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-95
testing 23 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-94
testing 48 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-93
testing 74 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-92
testing 42 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-91
testing 74 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-90
testing 52 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-9
testing 63 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-89
testing 36 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-88
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-87
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-86
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-85
testing 9 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-84
testing 15 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-83
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-82
testing 11 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-81
testing 11 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-80
testing 67 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-8
testing 9 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-79
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-78
testing 8 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-77
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-76
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-75
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-74
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-73
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-72
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-71
testing 27 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-70
testing 9 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-7
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-69
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-68
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-67
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-66
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-65
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-64
testing 23 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-63
testing 28 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-62
testing 29 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-61
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-60
testing 5 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-6
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-59
testing 38 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-58
testing 49 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-57
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-56
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-55
testing 83 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-54
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-53
testing 6 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-52
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-51
testing 18 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-50
testing 5 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-5
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-49
testing 54 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-48
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-47
testing 23 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-46
testing 38 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-45
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-44
testing 30 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-43
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-42
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-41
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-40
testing 5 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-4
testing 22 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-39
testing 66 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-38
testing 66 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-37
testing 10 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-36
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-35
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-34
testing 11 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-33
testing 9 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-32
testing 37 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-31
testing 33 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-30
testing 72 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-3
testing 8 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-29
testing 8 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-28
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-27
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-26
testing 15 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-25
testing 8 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-24
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-23
testing 19 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-22
testing 75 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-21
testing 151 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-20
testing 5 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-2
testing 22 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-19
testing 23 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-18
testing 38 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-17
testing 5 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-16
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-15
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-143
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-142
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-141
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-140
testing 38 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-14
testing 51 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-139
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-138
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-137
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-136
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-135
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-134
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-133
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-132
testing 51 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-131
testing 60 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-130
testing 30 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-13
testing 26 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-129
testing 56 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-128
testing 48 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-127
testing 50 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-126
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-125
testing 65 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-124
testing 25 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-123
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-122
testing 110 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-121
testing 126 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-120
testing 8 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-12
testing 57 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-119
testing 115 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-118
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-117
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-116
testing 57 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-115
testing 57 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-114
testing 93 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-113
testing 69 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-112
testing 84 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-111
testing 71 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-110
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-11
testing 68 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-109
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-108
testing 31 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-107
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-106
testing 22 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-105
testing 21 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-104
testing 44 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-103
testing 26 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-102
testing 25 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-101
testing 12 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-100
testing 77 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-10
testing 7 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-1
testing 15 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/input-0
testing 20 bytes from /tmp/guix-build-bind-9.16.23.drv-0/bind-9.16.23/fuzz/dns_rdata_fromwire_text.in/cdnskey
mem.c:873: fatal error: RUNTIME_CHECK(((pthread_mutex_lock(((&contextslock))) == 0) ? 0 : 34) == 0) failed
/gnu/store/pwcp239kjf7lnj5i4lkdzcfcxwcfyk72-bash-minimal-5.0.16/bin/bash: line 1: 13087 Aborted ./${fuzzer}
make: *** [Makefile:460: check] Error 134
command "make" "check" failed with status 2
builder for `/gnu/store/a622a1zbzsa3n7jl6igw09d3sd743b2l-bind-9.16.23.drv' failed with exit code 1
build of /gnu/store/a622a1zbzsa3n7jl6igw09d3sd743b2l-bind-9.16.23.drv failed
View build log at '/var/log/guix/drvs/a6/22a1zbzsa3n7jl6igw09d3sd743b2l-bind-9.16.23.drv.bz2'.
guix build: error: build of `/gnu/store/a622a1zbzsa3n7jl6igw09d3sd743b2l-bind-9.16.23.drv' failed
------
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Wed, 08 Dec 2021 20:36:02 GMT) Full text and rfc822 format available.Message #17 received at 52377 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name>
To: 52377 <at> debbugs.gnu.org
Subject: Re: [security 1/2] gnu: BIND: Update to 9.16.23 [fixes
CVE-2021-{25218, 25219}].
Date: Wed, 8 Dec 2021 15:35:44 -0500
On Wed, Dec 08, 2021 at 03:12:20PM -0500, Leo Famulari wrote: > On Wed, Dec 08, 2021 at 03:03:25PM -0500, Leo Famulari wrote: > > * gnu/packages/dns.scm (isc-bind): Update to 9.16.23. > > This actually fails its test suite, like this: This failure appears in 9.16.17. So, there is not even an intermediate upgrade of this package that we can deploy.
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Thu, 09 Dec 2021 00:38:02 GMT) Full text and rfc822 format available.Message #20 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: Leo Famulari <leo <at> famulari.name>
Cc: 52377-done <at> debbugs.gnu.org, guix-patches <at> gnu.org
Subject: Re: [bug#52377] [security 1/2] gnu: BIND: Update to 9.16.23 [fixes
CVE-2021-{25218, 25219}].
Date: Thu, 09 Dec 2021 01:29:17 +0100
[Message part 1 (text/plain, inline)]
Leo, Leo Famulari 写道: > * gnu/packages/dns.scm (isc-bind): Update to 9.16.23. Thanks! I updated BIND to 9.16.23 in commit 4ca0e9d5f77ec309a5a8a7eba3d97fd3bb4852d5, which reverts the upstream commit that caused this new test failure. I had to tediously bisect this; I never would've guessed it was to blame. The patch won't keep forever. Bug reports to ISC seem to require a GitLab account. Can't say I'm in a terrible rush to create yet another one. Do you have one? Maybe this problem will just go away with a newer GCC. We can hope… I went ahead and pushed your matching isc-dhcp patch. I wouldn't normally do this to people with commit access but it seemed justified. Kind regards, T G-R
[signature.asc (application/pgp-signature, inline)]
Tobias Geerinckx-Rice <me <at> tobias.gr>:Leo Famulari <leo <at> famulari.name>:guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Thu, 09 Dec 2021 04:16:02 GMT) Full text and rfc822 format available.Message #28 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name>
To: Tobias Geerinckx-Rice <me <at> tobias.gr>
Cc: 52377-done <at> debbugs.gnu.org, guix-patches <at> gnu.org
Subject: Re: [bug#52377] [security 1/2] gnu: BIND: Update to 9.16.23 [fixes
CVE-2021-{25218, 25219}].
Date: Wed, 8 Dec 2021 23:14:59 -0500
[Message part 1 (text/plain, inline)]
On Thu, Dec 09, 2021 at 01:29:17AM +0100, Tobias Geerinckx-Rice wrote: > I updated BIND to 9.16.23 in commit > 4ca0e9d5f77ec309a5a8a7eba3d97fd3bb4852d5, which reverts the upstream commit > that caused this new test failure. I had to tediously bisect this; I never > would've guessed it was to blame. Thanks for doing this work. You said it was tedious, but I'm curious if you have some scripts for bisecting Guix packages through upstream Git history? > The patch won't keep forever. Bug reports to ISC seem to require a GitLab > account. Can't say I'm in a terrible rush to create yet another one. Do > you have one? I probably can't look at this until next week (vacation). > Maybe this problem will just go away with a newer GCC. We can hope… It's worth a try. > I went ahead and pushed your matching isc-dhcp patch. I wouldn't normally > do this to people with commit access but it seemed justified. I'm happy you did it!
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#52377; Package guix-patches.
(Thu, 09 Dec 2021 04:16:03 GMT) Full text and rfc822 format available.Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Thu, 06 Jan 2022 12:24:07 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.