diff options
| author | Vladimír Čunát <v@cunat.cz> | 2019-07-10 16:52:57 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2019-07-10 17:42:37 +0200 |
| commit | f15625a6c03bb056945d6ca18b292c95adf109a1 (patch) | |
| tree | 31dcd2f1c28034eedf128d7b4aab756ebf30dabe /pkgs/servers/dns/knot-resolver/default.nix | |
| parent | 9efdd2e43477aa4b7e8b6d8da62e351125964991 (diff) | |
| download | nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar.gz nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar.bz2 nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar.lz nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar.xz nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.tar.zst nixpkgs-f15625a6c03bb056945d6ca18b292c95adf109a1.zip | |
knot-resolver: 4.0.0 -> 4.1.0 (security)
https://lists.nic.cz/pipermail/knot-resolver-users/2019/000189.html Fixes DNS spoofing problems: CVE-2019-10190 CVE-2019-10191 but also minor things, adds new features, etc. In particular aarch64 should work now, at least as long as not using some lua library that suffers from the same problem with lightuserdata, e.g. cqueues does suffer from this.
Diffstat (limited to 'pkgs/servers/dns/knot-resolver/default.nix')
| -rw-r--r-- | pkgs/servers/dns/knot-resolver/default.nix | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix index 8d9e2d7a5b9..deb2c21aeba 100644 --- a/pkgs/servers/dns/knot-resolver/default.nix +++ b/pkgs/servers/dns/knot-resolver/default.nix @@ -23,11 +23,11 @@ exportLuaPathsFor = luaPkgs: '' unwrapped = stdenv.mkDerivation rec { name = "knot-resolver-${version}"; - version = "4.0.0"; + version = "4.1.0"; src = fetchurl { url = "https://secure.nic.cz/files/knot-resolver/${name}.tar.xz"; - sha256 = "37161d931e64535ce38c33b9635f06a43cd1541945bf2c79a55e37f230de1631"; + sha256 = "2fe470f9bb1007667cdd448f758087244b7195a0234c2b100a9beeed0a2d3e68"; }; outputs = [ "out" "dev" ]; @@ -61,7 +61,8 @@ unwrapped = stdenv.mkDerivation rec { rm "$out"/lib/libkres.a ''; - doInstallCheck = stdenv.hostPlatform == stdenv.buildPlatform; + # aarch64: see https://github.com/wahern/cqueues/issues/223 + doInstallCheck = with stdenv; hostPlatform == buildPlatform && !hostPlatform.isAarch64; installCheckInputs = [ cmocka which cacert ]; installCheckPhase = '' meson test --print-errorlogs @@ -71,8 +72,7 @@ unwrapped = stdenv.mkDerivation rec { description = "Caching validating DNS resolver, from .cz domain registry"; homepage = https://knot-resolver.cz; license = licenses.gpl3Plus; - # Platforms using negative pointers for stack won't work ATM due to LuaJIT impl. - platforms = filter (p: p != "aarch64-linux") platforms.unix; + platforms = platforms.unix; maintainers = [ maintainers.vcunat /* upstream developer */ ]; }; }; |