bind: 9.16.16 -> 9.16.25

Fixes CVE-2021-25219.
https://downloads.isc.org/isc/bind9/9.16.25/doc/arm/html/notes.html

3 files changed, 20 insertions, 31 deletions

diff --git a/pkgs/servers/dns/bind/default.nix b/pkgs/servers/dns/bind/default.nix
index 19b3a25de59..5aa702e28d6 100644
--- a/pkgs/servers/dns/bind/default.nix
+++ b/pkgs/servers/dns/bind/default.nix
@@ -9,18 +9,17 @@
 
 stdenv.mkDerivation rec {
   pname = "bind";
-  version = "9.16.16";
+  version = "9.16.25";
 
   src = fetchurl {
     url = "https://downloads.isc.org/isc/bind9/${version}/${pname}-${version}.tar.xz";
-    sha256 = "sha256-bJE5Aq34eOfcXiKc6pT678nUD0R3WjAhPt0Ihg92HXs=";
+    sha256 = "sha256-n6MohQ+ChD74t78f9TIstosRAnOjPzdbpB81Jw9eH/M=";
   };
 
   outputs = [ "out" "lib" "dev" "man" "dnsutils" "host" ];
 
   patches = [
     ./dont-keep-configure-flags.patch
-    ./remove-mkdir-var.patch
   ];
 
   nativeBuildInputs = [ perl pkg-config ];
diff --git a/pkgs/servers/dns/bind/dont-keep-configure-flags.patch b/pkgs/servers/dns/bind/dont-keep-configure-flags.patch
index ceb887e678e..89c58226573 100644
--- a/pkgs/servers/dns/bind/dont-keep-configure-flags.patch
+++ b/pkgs/servers/dns/bind/dont-keep-configure-flags.patch
@@ -1,20 +1,22 @@
-diff -ru a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h
---- a/bin/named/include/named/globals.h	2020-09-24 17:43:49.398977491 +0200
-+++ b/bin/named/include/named/globals.h	2020-09-24 17:44:36.826590553 +0200
-@@ -69,7 +69,9 @@
- EXTERN const char *named_g_product     INIT(PRODUCT);
- EXTERN const char *named_g_description INIT(DESCRIPTION);
- EXTERN const char *named_g_srcid       INIT(SRCID);
+diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h
+index 82b632ef04..dedfd4d33b 100644
+--- a/bin/named/include/named/globals.h
++++ b/bin/named/include/named/globals.h
+@@ -71,7 +71,9 @@ EXTERN const char *named_g_version	  INIT(VERSION);
+ EXTERN const char *named_g_product	  INIT(PRODUCT);
+ EXTERN const char *named_g_description	  INIT(DESCRIPTION);
+ EXTERN const char *named_g_srcid	  INIT(SRCID);
 +#if 0
- EXTERN const char *named_g_configargs  INIT(CONFIGARGS);
+ EXTERN const char *named_g_configargs	  INIT(CONFIGARGS);
 +#endif
- EXTERN const char *named_g_builder     INIT(BUILDER);
- EXTERN in_port_t named_g_port	       INIT(0);
- EXTERN isc_dscp_t named_g_dscp	       INIT(-1);
-diff -ru a/bin/named/main.c b/bin/named/main.c
---- a/bin/named/main.c	2020-09-24 17:43:49.399977504 +0200
-+++ b/bin/named/main.c	2020-09-24 17:44:24.102426273 +0200
-@@ -506,7 +506,9 @@
+ EXTERN const char *named_g_builder	  INIT(BUILDER);
+ EXTERN in_port_t named_g_port		  INIT(0);
+ EXTERN isc_dscp_t named_g_dscp		  INIT(-1);
+diff --git a/bin/named/main.c b/bin/named/main.c
+index 9ad2d0e277..9729a2b3fc 100644
+--- a/bin/named/main.c
++++ b/bin/named/main.c
+@@ -521,7 +521,9 @@ printversion(bool verbose) {
  	}
  
  	printf("running on %s\n", named_os_uname());
@@ -24,7 +26,7 @@ diff -ru a/bin/named/main.c b/bin/named/main.c
  #ifdef __clang__
  	printf("compiled by CLANG %s\n", __VERSION__);
  #else /* ifdef __clang__ */
-@@ -1102,9 +1104,11 @@
+@@ -1089,9 +1091,11 @@ setup(void) {
  		      NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, "running on %s",
  		      named_os_uname());
  
diff --git a/pkgs/servers/dns/bind/remove-mkdir-var.patch b/pkgs/servers/dns/bind/remove-mkdir-var.patch
deleted file mode 100644
index d0dcd580c20..00000000000
--- a/pkgs/servers/dns/bind/remove-mkdir-var.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -53,8 +53,7 @@ docclean manclean maintainer-clean::
- doc man:: ${MANOBJS}
- 
- installdirs:
--	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} \
--	${DESTDIR}${localstatedir}/run ${DESTDIR}${sysconfdir}
-+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} ${DESTDIR}${sysconfdir}
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1
- 
- install:: isc-config.sh installdirs