./net/bind912, Berkeley Internet Name Daemon implementation of DNS, version 9.12

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 9.12.3, Package name: bind-9.12.3, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.12 release.

- named and related libraries have been substantially refactored for
improved query performance.
- Code implementing the name server query processing logic has been
moved into a new libns library.
- The DNS Response Policy Service API (DNSRPS) is now supported.
- Log file timestamps can now also be formatted in ISO 8601 (local)
or ISO 8601 (UTC) formats.
- Added support for the EDNS Padding and Keepalive options.
- 'new-zones-directory' option sets the location where the
configuration data for zones added by rndc addzone is stored.
- The default key algorithm in rndc-confgen is now hmac-sha256.
- filter-aaaa-on-v4 and filter-aaaa-on-v6 options are now available
by default without a configure option.
- The obsolete isc-hmac-fixup command has been removed.



Package options: inet6, readline, threads

Master sites:

SHA1: 55131f7ab7d9f970ec3097eba5bbfb06346bcf7a
RMD160: bbfc7901afad2f2bcfa1d0515fd4eac01539da5e
Filesize: 8414.711 KB

Version history: (Expand)


CVS history: (Expand)


   2018-10-30 10:34:45 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (1)
Log message:
bind912: typo in COMMENT
   2018-10-24 13:10:32 by Jonathan Perkin | Files touched by this commit (3)
Log message:
bind912: Fix build on SunOS.  Fix PKG_OPTIONS_VAR.
   2018-10-21 17:51:46 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/bind912: udpate to 9.12.3

	--- 9.12.3 released ---

	--- 9.12.3rc1 released ---

5038.	[bug]		Chaosnet addresses were compared incorrectly.
			[GL #562]

5035.	[test]		Fixed errors that prevented the DNSRPS subtests
			from running in the rpz and rpzrecurse system
			tests. [GL #503]

5034.	[bug]		A race between threads could prevent zone maintenance
			scheduled immediately after zone load from being
			performed. [GL #542]

5033.	[bug]		When adding NTAs to multiple views using "rndc nta",
			the text returned via rndc was incorrectly terminated
			after the first line, making it look as if only one
			NTA had been added. Also, it was not possible to
			differentiate between views with the same name but
			different classes; this has been corrected with the
			addition of a "-class" option. [GL #105]

5032.	[func]		Add krb5-selfsub and ms-selfsub update policy rules.
			[GL #511]

5030.	[bug]		Align CMSG buffers to a 64-bit boundary, fixes crash
			on architectures with strict alignment. [GL #521]

5028.	[bug]		Spread the initial RRSIG expiration times over the
			entire working sig-validity-interval when signing a
			zone in named to even out re-signing and transfer
			loads. [GL #418]

5026.	[bug]		rndc reconfig should not touch already loaded zones.
			[GL #276]

5022.	[doc]		Update ms-self, ms-subdomain, krb5-self, and
			krb5-subdomain documentation. [GL !708]

5021.	[bug]		dig returned a non-zero exit code when it received a
			reply over TCP after a retry. [GL #487]

5019.	[cleanup]	A message is now logged when ixfr-from-differences is
			set at zone level for an inline-signed zone. [GL #470]

5018.	[bug]		Fix incorrect sizeof arguments in lib/isc/pk11.c.
			[GL !588]

5017.	[bug]		lib/isc/pk11.c failed to unlink the session before
			releasing the lock which is unsafe. [GL !589]

5016.	[bug]		Named could assert with overlapping filter-aaaa and
			dns64 acls. [GL #445]

5015.	[bug]		Reloading all zones caused zone maintenance to cease
			for inline-signed zones. [GL #435]

5014.	[bug]		Signatures loaded from the journal for the signed
			version of an inline-signed zone were not scheduled for
			refresh. [GL #482]

5013.	[bug]		A referral response with a non-empty ANSWER section was
			inadvertently being treated as an error. [GL #390]

5012.	[bug]		Fix lock order reversal in pk11_initialize. [GL !590]

5009.	[bug]		Upon an OpenSSL failure, the first error in the OpenSSL
			error queue was not logged. [GL #476]

5008.	[bug]		"rndc signing -nsec3param ..." requests were silently
			ignored for zones which were not yet loaded or
			transferred. [GL #468]

5007.	[cleanup]	Replace custom ISC boolean and integer data types
			with C99 stdint.h and stdbool.h types. [GL #9]

5006.	[cleanup]	Code preparing a delegation response was extracted from
			query_delegation() and query_zone_delegation() into a
			separate function in order to decrease code
			duplication. [GL #431]

5005.	[bug]		dnssec-verify, and dnssec-signzone at the verification
			step, failed on some validly signed zones. [GL #442]

5004.	[bug]		'rndc reconfig' could cause inline zones to stop
			re-signing. [GL #439]

5003.	[bug]		dns_acl_isinsecure did not handle geoip elements.
			[GL #406]

5002.	[bug]		mdig: Handle malformed +ednsopt option, support 100
			+ednsopt options per query rather than 100 total and
			address memory leaks if +ednsopt was specified.
			[GL #410]

5001.	[bug]		Fix refcount errors on error paths. [GL !563]

5000.	[bug]		named_server_servestale() could leave the server in
			exclusive mode if an error occured. [GL #441]

4996.	[bug]		dig: Handle malformed +ednsopt option. [GL #403]

4995.	[test]		Add tests for "tcp-self" update policy. [GL !282]

4994.	[bug]		Trust anchor telemetry queries were not being sent
			upstream for locally served zones. [GL #392]

4992.	[bug]		The wrong address was being logged for trust anchor
			telemetry queries. [GL #379]

4990.	[bug]		Prevent a possible NULL reference in pkcs11-keygen.
			[GL #401]

4988.	[bug]		Don't synthesize NXDOMAIN from NSEC for records under
			a DNAME. [GL #386]
   2018-09-27 06:24:19 by Thomas Klausner | Files touched by this commit (2)
Log message:
bind91?: fix whitespace
   2018-09-25 20:07:37 by Tobias Nygren | Files touched by this commit (1)
Log message:
bind912: fix bl3 reference
   2018-09-20 12:03:03 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
net/bind912: update to 9.12.2pl2

Update bind912 to 9.12.2pl2 (BIND 9.12.2-P2).

	--- 9.12.2-P2 released ---

5022.	[doc]		Update ms-self, ms-subdomain, krb5-self, and
			krb5-subdomain documentation. [GL !708]

5015.	[bug]		Reloading all zones caused zone maintenance to cease
			for inline-signed zones. [GL #435]

5014.	[bug]		Signatures loaded from the journal for the signed
			version of an inline-signed zone were not scheduled for
			refresh. [GL #482]

5013.	[bug]		A referral response with a non-empty ANSWER section was
			inadvertently being treated as an error. [GL #390]

5004.	[bug]		'rndc reconfig' could cause inline zones to stop
			re-signing. [GL #439]
   2018-09-13 04:57:43 by John Klos | Files touched by this commit (4)
Log message:
Disable atomic operations on VAX and m68k in addition to mipsel so BIND
compiles on these architectures.
   2018-09-09 15:16:02 by Takahiro Kambe | Files touched by this commit (17) | Package updated
Log message:
net/bind912: Added BIND 9.12 package

Add bind-9.12.2pl1 (BIND 9.12.2-P1) pacakge.

Note: named(8) requires writable permission to current directory when
start up or the directory specified by "directory" in options statement.

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture.  Some
of the important features of BIND-9 are:

	- DNS Security
	- IP version 6
	- DNS Protocol Enhancements
	- Views
	- Multiprocessor Support
	- Improved Portability Architecture
	- Full NSEC3 support
	- Automatic zone re-signing
	- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.12 release.

	- named and related libraries have been substantially refactored for
	  improved query performance.
	- Code implementing the name server query processing logic has been
	  moved into a new libns library.
	- The DNS Response Policy Service API (DNSRPS) is now supported.
	- Log file timestamps can now also be formatted in ISO 8601 (local)
	  or ISO 8601 (UTC) formats.
	- Added support for the EDNS Padding and Keepalive options.
	- 'new-zones-directory' option sets the location where the
	  configuration data for zones added by rndc addzone is stored.
	- The default key algorithm in rndc-confgen is now hmac-sha256.
	- filter-aaaa-on-v4 and filter-aaaa-on-v6 options are now available
	  by default without a configure option.
	- The obsolete isc-hmac-fixup command has been removed.