synchronize a patch from SP1 to remove default buildin key
This commit is contained in:
eaglegai
parent
bb40067735
commit
ec2071d644
42
unbound-remove-buildin-key.patch
Normal file
42
unbound-remove-buildin-key.patch
Normal file
@ -0,0 +1,42 @@
|
||||
From bd895d2d82990bfe059acfb0e078bb8d44207287 Mon Sep 17 00:00:00 2001
|
||||
From: hanzhijun <hanzhijun1@huawei.com>
|
||||
Date: Fri, 19 Feb 2021 16:20:53 +0800
|
||||
Subject: [PATCH] remove buildin key
|
||||
|
||||
---
|
||||
smallapp/unbound-anchor.c | 19 -------------------
|
||||
1 file changed, 19 deletions(-)
|
||||
|
||||
diff --git a/smallapp/unbound-anchor.c b/smallapp/unbound-anchor.c
|
||||
index b8bd1b8..4c8f404 100644
|
||||
--- a/smallapp/unbound-anchor.c
|
||||
+++ b/smallapp/unbound-anchor.c
|
||||
@@ -215,25 +215,6 @@ get_builtin_cert(void)
|
||||
return
|
||||
/* The ICANN CA fetched at 24 Sep 2010. Valid to 2028 */
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
-"MIIDdzCCAl+gAwIBAgIBATANBgkqhkiG9w0BAQsFADBdMQ4wDAYDVQQKEwVJQ0FO\n"
|
||||
-"TjEmMCQGA1UECxMdSUNBTk4gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFjAUBgNV\n"
|
||||
-"BAMTDUlDQU5OIFJvb3QgQ0ExCzAJBgNVBAYTAlVTMB4XDTA5MTIyMzA0MTkxMloX\n"
|
||||
-"DTI5MTIxODA0MTkxMlowXTEOMAwGA1UEChMFSUNBTk4xJjAkBgNVBAsTHUlDQU5O\n"
|
||||
-"IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1JQ0FOTiBSb290IENB\n"
|
||||
-"MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKDb\n"
|
||||
-"cLhPNNqc1NB+u+oVvOnJESofYS9qub0/PXagmgr37pNublVThIzyLPGCJ8gPms9S\n"
|
||||
-"G1TaKNIsMI7d+5IgMy3WyPEOECGIcfqEIktdR1YWfJufXcMReZwU4v/AdKzdOdfg\n"
|
||||
-"ONiwc6r70duEr1IiqPbVm5T05l1e6D+HkAvHGnf1LtOPGs4CHQdpIUcy2kauAEy2\n"
|
||||
-"paKcOcHASvbTHK7TbbvHGPB+7faAztABLoneErruEcumetcNfPMIjXKdv1V1E3C7\n"
|
||||
-"MSJKy+jAqqQJqjZoQGB0necZgUMiUv7JK1IPQRM2CXJllcyJrm9WFxY0c1KjBO29\n"
|
||||
-"iIKK69fcglKcBuFShUECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B\n"
|
||||
-"Af8EBAMCAf4wHQYDVR0OBBYEFLpS6UmDJIZSL8eZzfyNa2kITcBQMA0GCSqGSIb3\n"
|
||||
-"DQEBCwUAA4IBAQAP8emCogqHny2UYFqywEuhLys7R9UKmYY4suzGO4nkbgfPFMfH\n"
|
||||
-"6M+Zj6owwxlwueZt1j/IaCayoKU3QsrYYoDRolpILh+FPwx7wseUEV8ZKpWsoDoD\n"
|
||||
-"2JFbLg2cfB8u/OlE4RYmcxxFSmXBg0yQ8/IoQt/bxOcEEhhiQ168H2yE5rxJMt9h\n"
|
||||
-"15nu5JBSewrCkYqYYmaxyOC3WrVGfHZxVI7MpIFcGdvSb2a1uyuua8l0BKgk3ujF\n"
|
||||
-"0/wsHNeP22qNyVO+XVBzrM8fk8BSUFuiT/6tZTYXRtEt5aKQZgXbKU5dUF3jT9qg\n"
|
||||
-"j/Br5BZw3X/zd325TvnswzMC1+ljLzHnQGGk\n"
|
||||
"-----END CERTIFICATE-----\n"
|
||||
;
|
||||
}
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: unbound
|
||||
Version: 1.11.0
|
||||
Release: 10
|
||||
Release: 11
|
||||
Summary: Unbound is a validating, recursive, caching DNS resolver
|
||||
License: BSD
|
||||
Url: https://nlnetlabs.nl/projects/unbound/about/
|
||||
@ -29,6 +29,7 @@ Patch4: backport-0001-CVE-2022-30698-and-CVE-2022-30699.patch
|
||||
Patch5: backport-0002-CVE-2022-30698-and-CVE-2022-30699.patch
|
||||
Patch6: backport-CVE-2022-3204.patch
|
||||
Patch7: backport-CVE-2023-50387_CVE-2023-50868.patch
|
||||
Patch8: unbound-remove-buildin-key.patch
|
||||
|
||||
BuildRequires: make flex swig pkgconfig systemd python-unversioned-command
|
||||
BuildRequires: libevent-devel expat-devel openssl-devel python3-devel
|
||||
@ -231,6 +232,12 @@ popd
|
||||
%{_mandir}/man*
|
||||
|
||||
%changelog
|
||||
* Fri Mar 01 2024 gaihuiying <eaglegai@163.com> - 1.11.0-11
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
- SUG:NA
|
||||
- DESC:synchronize a patch from SP1 to remove default buildin key
|
||||
|
||||
* Tue Feb 27 2024 gaihuiying <eaglegai@163.com> - 1.11.0-10
|
||||
- Type:cves
|
||||
- CVE:CVE-2024-1488
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user