./net/bind8, The Berkeley Internet Name Daemon, an implementation of DNS

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2008Q1, Version: 8.4.7pl1nb1, Package name: bind-8.4.7pl1nb1, Maintainer: pkgsrc-users

BIND (Berkeley Internet Name Domain) is an implementation of the
Domain Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System, including:

* a Domain Name System server (named)
* a Domain Name System resolver library
* tools for verifying the proper operation of the DNS server

The BIND DNS Server is used on the vast majority of name serving machines
on the Internet, providing a robust and stable architecture on top of which
an organization's naming architecture can be built. The resolver library
included in the BIND distribution provides the standard APIs for translation
between domain names and Internet addresses and is intended to be linked with
applications requiring name service.

BIND Version 8.2.2 patchlevel 5 (Released November 12th, 1999)

If you are running any version of BIND prior to 8.2.2 patchlevel 5,
we recommend you upgrade to the current version for security reasons.
There is one potential remote access exploit fixed in this release,
and there are several fixes for various denial-of-service bugs.


Master sites:


Version history: (Expand)


CVS history: (Expand)


   2008-05-11 11:33:42 by Geert Hendrickx | Files touched by this commit (3)
Log message:
Pullup ticket 2369 - requested by tonnerre
security fix for bind 8

- pkgsrc/net/bind8/Makefile				1.40
- pkgsrc/net/bind8/distinfo				1.22
- pkgsrc/net/bind8/patches/patch-ao			1.1

   Module Name:	pkgsrc
   Committed By:	tonnerre
   Date:		Sun May 11 00:00:57 UTC 2008

   Modified Files:
	   pkgsrc/net/bind8: Makefile distinfo
   Added Files:
	   pkgsrc/net/bind8/patches: patch-ao

   Log message:
   Fix CVE-2008-0122 for libbind (as contained in bind). A misplaced
   boundary check can be abused for implementation specific exploitation:
   depending on the use of libbind, this can result in denial of service
   or even remote code execution.