pkgsrc.se | The NetBSD package collection

./net/bind96, Berkeley Internet Name Daemon implementation of DNS, version 9.6

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 9.6.3.1.ESV.9pl1, Package name: bind-9.6.3.1.ESV.9pl1, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.6 release.

Package options: inet6, threads

Master sites: (Expand)

SHA1: 739cd279243308af616179dcf3d84fbe8a57e9c3
RMD160: 252d221d4d811d84642c432a920b139d10341ae3
Filesize: 6260.055 KB

Version history: (Expand)

(2013-06-06) Updated to version: bind-9.6.3.1.ESV.9pl1
(2013-06-01) Updated to version: bind-9.6.3.1.ESV.7pl4nb5
(2013-03-03) Updated to version: bind-9.6.3.1.ESV.7pl4nb4
(2013-02-12) Updated to version: bind-9.6.3.1.ESV.7pl4nb3
(2012-12-16) Updated to version: bind-9.6.3.1.ESV.7pl4nb2
(2012-10-21) Updated to version: bind-9.6.3.1.ESV.7pl4nb1

CVS history: (Expand)

2013-06-06 04:57:58 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
Update bind96 to 9.6.3.1.ESV.9pl1 (BIND 9.6-ESV-R9-P1).
Please refer CHANGES file for complete changes and here is quote from
release announce.

Introduction

   BIND 9.6-ESV-R9-P1 is the latest production release of BIND 9.6-ESV.

Security Fixes

   Prevents exploitation of a runtime_check which can crash named
   when satisfying a recursive query for particular malformed zones.
   (CVE-2013-3919) [RT #33690]

   Prevents a named assert (crash) when validating caused by using
   "Bad cache" data before it has been initialized. [CVE-2012-3817]
   [RT #30025]

   A condition has been corrected where improper handling of
   zero-length RDATA could cause undesirable behavior, including
   termination of the named process. [CVE-2012-1667] [RT #29644]

New Features

   Adds a new configuration option, "check-spf"; valid values are
   "warn" (default) and "ignore".  When set to \ 
"warn", checks SPF
   and TXT records in spf format, warning if either resource record
   type occurs without a corresponding record of the other resource
   record type.  [RT #33355]

   Adds support for Uniform Resource Identifier (URI) resource
   records. [RT #23386]

   Adds support for Host Identity Protocol (HIP) resource records
   [RT #19384]

   Adds support for the EUI48 and EUI64 RR types. [RT #33082]

   Adds support for the RFC 6742 ILNP record types (NID, LP, L32,
   and L64). [RT #31836]

   The contributed queryperf utility has been improved, now retaining
   better round trip time statistics. [RT #30128]

2013-05-31 14:42:58 by Thomas Klausner | Files touched by this commit (2880)

Log message:
Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

2013-04-06 05:45:29 by Blue Rats | Files touched by this commit (152)

Log message:
Fixes:

 COMMENT should not be longer than 70 characters.
 COMMENT should not begin with 'A'.
 COMMENT should not begin with 'An'.
 COMMENT should not begin with 'a'.
 COMMENT should not end with a period.
 COMMENT should start with a capital letter.

pkglint warnings. Some files also got minor formatting, spelling, and style
corrections.

2013-03-02 21:33:35 by Thomas Klausner | Files touched by this commit (83) | Package updated

Log message:
Bump PKGREVISION for mysql default change to 55.

2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | Package updated

Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.

2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671)

Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

2012-10-21 17:49:07 by Aleksey Cheusov | Files touched by this commit (5)

Log message:
Add CONFLICTS between net/bind and net/host.
net/bind9*: remove "bind<x.y.z" entries from CONFLICTS. It is useless
   because package's PKGBASE is "bind".

2012-10-10 05:04:57 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
Update bind96 to 9.6.3.1.ESV.7pl4 (BIND 9.6-ESV-R7-P4).

Here are change changes from release note.  Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind96 package.

Please refer https://kb.isc.org/article/AA-00795 for list of full bug fixes.

Security Fixes

* A deliberately constructed combination of records could cause named to hang
  while populating the additional section of a response. [CVE-2012-5166] [RT
  #31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
  exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad \ 
cache"
  data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
  could cause undesirable behavior, including termination of the named
  process. [CVE-2012-1667] [RT #29644]

New Features

  None

Feature Changes

* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
  [RT #29492]