bind: update to 9.10.5.

Fixes:
* CVE-2016-2775
* CVE-2016-2776
* CVE-2016-6170
* CVE-2016-8864
* CVE-2016-9131
* CVE-2016-9147
* CVE-2016-9444
* CVE-2017-3135
* CVE-2017-3136
* CVE-2017-3137
* CVE-2017-3138

common/shlibs

@@ -992,10 +992,10 @@ libtirpc.so.1 libtirpc-0.2.2_1
 librpcsecgss.so.3 librpcsecgss-0.19_1
 libnfsidmap.so.0 libnfsidmap-0.24_1
 liblwres.so.141 bind-libs-9.10.2P3_2
-libdns.so.165 bind-libs-9.10.4P1_1
+libdns.so.170 bind-libs-9.10.5_1
 libbind9.so.140 bind-libs-9.10.2P3_2
-libisccfg.so.140 bind-libs-9.10.2P3_2
+libisccfg.so.144 bind-libs-9.10.5_1
-libisc.so.160 bind-libs-9.10.3_1
+libisc.so.170 bind-libs-9.10.5_1
 libisccc.so.140 bind-libs-9.10.2P3_2
 libirs.so.141 bind-libs-9.10.2P3_2
 libplist.so.3 libplist-1.12_1

srcpkgs/bind/patches/libressl.patch

@@ -0,0 +1,148 @@
+--- lib/isc/sha2.c.orig
++++ lib/isc/sha2.c
+@@ -69,7 +69,7 @@
+ #endif
+ 
+ #ifdef ISC_PLATFORM_OPENSSLHASH
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_MD_CTX_new() &(context->_ctx)
+ #define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
+ #define EVP_MD_CTX_reset(c) EVP_MD_CTX_cleanup(c)
+--- lib/isc/include/isc/sha2.h.orig
++++ lib/isc/include/isc/sha2.h
+@@ -84,7 +84,7 @@
+ 
+ typedef struct {
+ 	EVP_MD_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_MD_CTX _ctx;
+ #endif
+ } isc_sha2_t;
+--- lib/isc/include/isc/hmacmd5.h.orig
++++ lib/isc/include/isc/hmacmd5.h
+@@ -42,7 +42,7 @@
+ 
+ typedef struct {
+ 	HMAC_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	HMAC_CTX _ctx;
+ #endif
+ } isc_hmacmd5_t;
+--- lib/isc/hmacmd5.c.orig
++++ lib/isc/hmacmd5.c
+@@ -43,7 +43,7 @@
+ #endif
+ 
+ #ifdef ISC_PLATFORM_OPENSSLHASH
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define HMAC_CTX_new() &(ctx->_ctx), HMAC_CTX_init(&(ctx->_ctx))
+ #define HMAC_CTX_free(ptr) HMAC_CTX_cleanup(ptr)
+ #endif
+--- lib/isc/md5.c.orig
++++ lib/isc/md5.c
+@@ -54,7 +54,7 @@
+ #include <isc/util.h>
+ 
+ #ifdef ISC_PLATFORM_OPENSSLHASH
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_MD_CTX_new() &(ctx->_ctx)
+ #define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
+ #endif
+--- lib/isc/hmacsha.c.orig
++++ lib/isc/hmacsha.c
+@@ -40,7 +40,7 @@
+ #endif
+ 
+ #ifdef ISC_PLATFORM_OPENSSLHASH
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define HMAC_CTX_new() &(ctx->_ctx), HMAC_CTX_init(&(ctx->_ctx))
+ #define HMAC_CTX_free(ptr) HMAC_CTX_cleanup(ptr)
+ #endif
+--- lib/isc/include/isc/hmacsha.h.orig
++++ lib/isc/include/isc/hmacsha.h
+@@ -42,7 +42,7 @@
+ 
+ typedef struct {
+ 	HMAC_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	HMAC_CTX _ctx;
+ #endif
+ } isc_hmacsha_t;
+--- lib/isc/include/isc/sha1.h.orig
++++ lib/isc/include/isc/sha1.h
+@@ -41,7 +41,7 @@
+ 
+ typedef struct {
+ 	EVP_MD_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_MD_CTX _ctx;
+ #endif
+ } isc_sha1_t;
+--- lib/isc/include/isc/md5.h.orig
++++ lib/isc/include/isc/md5.h
+@@ -60,7 +60,7 @@
+ 
+ typedef struct {
+ 	EVP_MD_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_MD_CTX _ctx;
+ #endif
+ } isc_md5_t;
+--- lib/isc/aes.c.orig
++++ lib/isc/aes.c
+@@ -33,7 +33,7 @@
+ #include <openssl/opensslv.h>
+ #include <openssl/evp.h>
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_CIPHER_CTX_new() &(_context), EVP_CIPHER_CTX_init(&_context)
+ #define EVP_CIPHER_CTX_free(c) RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(c) == 1)
+ #endif
+@@ -42,7 +42,7 @@
+ isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
+ 		 unsigned char *out)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_CIPHER_CTX _context;
+ #endif
+ 	EVP_CIPHER_CTX *c;
+@@ -62,7 +62,7 @@
+ isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
+ 		 unsigned char *out)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_CIPHER_CTX _context;
+ #endif
+ 	EVP_CIPHER_CTX *c;
+@@ -82,7 +82,7 @@
+ isc_aes256_crypt(const unsigned char *key, const unsigned char *in,
+ 		 unsigned char *out)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 	EVP_CIPHER_CTX _context;
+ #endif
+ 	EVP_CIPHER_CTX *c;
+--- lib/isc/sha1.c.orig
++++ lib/isc/sha1.c
+@@ -50,7 +50,7 @@
+ #endif
+ 
+ #ifdef ISC_PLATFORM_OPENSSLHASH
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define EVP_MD_CTX_new() &(context->_ctx)
+ #define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
+ #endif

srcpkgs/bind/patches/seccomp.patch

@@ -1,38 +0,0 @@
---- bin/named/include/named/seccomp.h.orig
-+++ bin/named/include/named/seccomp.h
-@@ -57,6 +57,8 @@
- 	SCMP_SYS(rt_sigsuspend),
- 	SCMP_SYS(fstat),
- 	SCMP_SYS(epoll_ctl),
- 	SCMP_SYS(gettimeofday),
-+	SCMP_SYS(getpid),
-+	SCMP_SYS(getrandom),
- 	SCMP_SYS(unlink),
- 	SCMP_SYS(socket),
-@@ -121,6 +123,8 @@
- 	"fstat",
- 	"epoll_ctl",
- 	"gettimeofday",
-+	"getpid",
-+	"getrandom",
- 	"unlink",
- 	"socket",
- 	"sendto",
-@@ -190,6 +194,8 @@
- 	SCMP_SYS(fstat64),
- 	SCMP_SYS(epoll_ctl),
- 	SCMP_SYS(gettimeofday),
-+	SCMP_SYS(getpid),
-+	SCMP_SYS(getrandom),
- 	SCMP_SYS(unlink),
- #ifndef ISC_PLATFORM_USETHREADS
- 	SCMP_SYS(fcntl64),
-@@ -226,6 +232,8 @@
- 	"fstat64",
- 	"epoll_ctl",
- 	"gettimeofday",
-+	"getpid",
-+	"getrandom",
- 	"unlink",
- #ifndef ISC_PLATFORM_USETHREADS
- 	"fcntl64",

srcpkgs/bind/template

@@ -1,16 +1,16 @@
 # Template file for 'bind'
 pkgname=bind
-_distver=9.10.4
+_distver=9.10.5
-_patchver=P6
+# _patchver=
-version="${_distver}${_patchver}"
+version="${_distver}${_patchver:+$_patchver}"
-revision=4
+revision=1
-wrksrc="${pkgname}-${_distver}-${_patchver}"
+wrksrc="${pkgname}-${_distver}${_patchver:+-$_patchver}"
 short_desc="Berkeley Internet Name Domain server"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"
 license="ISC"
 homepage="http://www.isc.org/software/bind/"
-distfiles="http://ftp.isc.org/isc/bind9/${_distver}-${_patchver}/bind-${_distver}-${_patchver}.tar.gz"
+distfiles="http://ftp.isc.org/isc/bind9/${_distver}${_patchver:+-$_patchver}/bind-${_distver}${_patchver:+-$_patchver}.tar.gz"
-checksum=a1dfbfd1d11cb52f2d9e5af0def25763798bda243841722dd0b319086a73ee65
+checksum=71688d2e134e42205075eef93cc1b78b42a140a2d61bf8263afc9c92fc872b0e
 
 build_options="geoip seccomp"
 build_options_default="geoip"