kea: 2.6.2 -> 2.6.3

https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt

https://kb.isc.org/docs/cve-2025-32801
https://kb.isc.org/docs/cve-2025-32802
https://kb.isc.org/docs/cve-2025-32803

Fixes: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803

(cherry picked from commit fde8885198)
Martin Weinelt
2025-05-28 22:09:00 +02:00
parent dccabcdb3f
commit 268ecc7bb2
3 changed files with 42 additions and 30 deletions


@@ -265,12 +265,24 @@ in
config =
let
commonEnvironment = {
KEA_CONTROL_SOCKET_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
KEA_PIDFILE_DIR = "/run/kea";
};
commonServiceConfig = {
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
ExecReload = toString [
(lib.getExe' pkgs.coreutils "kill")
"-HUP"
"$MAINPID"
];
DynamicUser = true;
User = "kea";
ConfigurationDirectory = "kea";
Restart = "on-failure";
RuntimeDirectory = "kea";
RuntimeDirectoryMode = "0750";
RuntimeDirectoryPreserve = true;
StateDirectory = "kea";
UMask = "0077";
@@ -280,6 +292,12 @@ in
lib.mkMerge [
{
environment.systemPackages = [ package ];
users.users.kea = {
isSystemUser = true;
group = "kea";
};
users.groups.kea = { };
}
(lib.mkIf cfg.ctrl-agent.enable {
@@ -312,10 +330,7 @@ in
"kea-dhcp-ddns-server.service"
];
environment = {
KEA_PIDFILE_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
};
environment = commonEnvironment;
restartTriggers = [
ctrlAgentConfig
@@ -358,10 +373,7 @@ in
"multi-user.target"
];
environment = {
KEA_PIDFILE_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
};
environment = commonEnvironment;
restartTriggers = [
dhcp4Config
@@ -411,10 +423,7 @@ in
"multi-user.target"
];
environment = {
KEA_PIDFILE_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
};
environment = commonEnvironment;
restartTriggers = [
dhcp6Config
@@ -460,10 +469,7 @@ in
"multi-user.target"
];
environment = {
KEA_PIDFILE_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
};
environment = commonEnvironment;
restartTriggers = [
dhcpDdnsConfig
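Review bot: In the first hunk, the visible part of `commonServiceConfig` pins a mode only for the runtime directory (`RuntimeDirectoryMode = "0750";`), while `StateDirectory = "kea";` and `ConfigurationDirectory = "kea";` are left at systemd's default of 0755. The upstream install hook that the refreshed patch in the next file section strips from the build creates the state, log, run and config directories at 750, so the module is the only place left to carry that restriction. `UMask = "0077";` covers files the daemons create, not the directories systemd creates for the unit. I would add `StateDirectoryMode = "0750";` and `ConfigurationDirectoryMode = "0750";`, or a comment stating why the defaults are acceptable here (with `DynamicUser = true;` the state directory presumably sits below a root-only private parent). The attribute set continues past the end of the hunk, so these may already be set below.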


@@ -1,28 +1,34 @@
diff --git a/Makefile.am b/Makefile.am
index 10708e7..d4efd73 100644
index a81f4cc..5d61407 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -150,13 +150,6 @@ cppcheck:
@@ -173,18 +173,6 @@ cppcheck:
docs:
$(MAKE) -C doc/sphinx
-
-# These steps are necessary during installation
-# These steps are necessary during installation. chmod is for reinstallation/upgrade.
-install-exec-hook:
- mkdir -p $(DESTDIR)${localstatedir}/log/
- mkdir -p $(DESTDIR)${localstatedir}/lib/${PACKAGE_NAME}
- mkdir -p $(DESTDIR)${runstatedir}/${PACKAGE_NAME}
- mkdir -m 750 -p "$(DESTDIR)${localstatedir}/lib/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${localstatedir}/lib/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${localstatedir}/log/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${localstatedir}/log/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${runstatedir}/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${runstatedir}/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${sysconfdir}/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${sysconfdir}/${PACKAGE_NAME}"
-
EXTRA_DIST = tools/path_replacer.sh
EXTRA_DIST += tools/mk_cfgrpt.sh
diff --git a/src/lib/dhcpsrv/Makefile.am b/src/lib/dhcpsrv/Makefile.am
index a0a0289..ba42f8a 100644
index 7e0f3c4..08c53d8 100644
--- a/src/lib/dhcpsrv/Makefile.am
+++ b/src/lib/dhcpsrv/Makefile.am
@@ -408,5 +408,3 @@ libkea_dhcpsrv_parsers_include_HEADERS = \
@@ -420,6 +420,3 @@ libkea_dhcpsrv_parsers_include_HEADERS = \
parsers/shared_networks_list_parser.h \
parsers/simple_parser4.h \
parsers/simple_parser6.h
-
-install-data-local:
- $(mkinstalldirs) $(DESTDIR)$(dhcp_data_dir)


@@ -24,11 +24,11 @@
stdenv.mkDerivation rec {
pname = "kea";
version = "2.6.2"; # only even minor versions are stable
version = "2.6.3"; # only even minor versions are stable
src = fetchurl {
url = "https://ftp.isc.org/isc/${pname}/${version}/${pname}-${version}.tar.gz";
hash = "sha256-ilC2MQNzS1nDuGGczWdm0t/uPwLjpfnzq8HNVfcPpCQ=";
hash = "sha256-ACQaWVX/09IVosCYxFJ/nX9LIDGIsnb5o2JQ3T2d1hI=";
};
patches = [
@@ -36,9 +36,9 @@ stdenv.mkDerivation rec {
];
postPatch = ''
substituteInPlace ./src/bin/keactrl/Makefile.am --replace '@sysconfdir@' "$out/etc"
substituteInPlace ./src/bin/keactrl/Makefile.am --replace-fail '@sysconfdir@' "$out/etc"
# darwin special-casing just causes trouble
substituteInPlace ./m4macros/ax_crypto.m4 --replace 'apple-darwin' 'nope'
substituteInPlace ./m4macros/ax_crypto.m4 --replace-fail 'apple-darwin' 'nope'
'';
outputs = [