./net/ldns, Library for simplified DNS programming

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2011Q3, Version: 1.6.11, Package name: ldns-1.6.11, Maintainer: he

The goal of ldns is to simplify DNS programming, it supports recent
RFCs like the DNSSEC documents, and allows developers to easily
create software conforming to current RFCs, and experimental software
for current Internet Drafts. A secondary benefit of using ldns is
speed; ldns is written in C it should be a lot faster than Perl.


Required to build:
[lang/perl5] [devel/gmake] [devel/libtool-base]

Master sites:

SHA1: 2c4537eee39a1af63e8dde4f35498ce78c968c1f
RMD160: 7580869e4b8bdd2d31cb08cb690c2e3d0663f381
Filesize: 994.501 KB

Version history: (Expand)

CVS history: (Expand)


   2011-10-23 18:08:46 by Matthias Scheler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #3577 - requested by he
net/ldns: security update

Revisions pulled up:
- net/ldns/Makefile                                             1.19
- net/ldns/PLIST                                                1.4
- net/ldns/distinfo                                             1.11

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Sat Oct 22 19:44:54 UTC 2011

   Modified Files:
   	pkgsrc/net/ldns: Makefile PLIST distinfo

   Log message:
   Update to version 1.6.11.

   Pkgsrc changes:
    o Sync PLIST, additional man page installed.

   Upstream changes:
   1.6.11	2011-09-29
   	* bugfix #394: Fix socket leak on errors
   	* bugfix #392: Apex only and percentage checks for ldns-verify-zone
   	  (thanks Miek Gieben)
   	* bugfix #398: Allow NSEC RRSIGs before the NSEC3 in ldns-verify-zone
   	* Fix python site package path from sitelib to sitearch for pyldns.
   	* Fix python api to support python2 and python3 (thanks Karel Slany).
   	* bugfix #401: Correction of date/time functions algorithm and
   	  prevention of an infinite loop therein
   	* bugfix #402: Correct the minimum and maximum number of rdata fields
   	  in TSIG. (thanks David Keeler)
   	* bugfix #403: Fix heap overflow (thanks David Keeler)
   	* bugfix #404: Make parsing APL strings more robust
   	  (thanks David Keeler)
   	* bugfix #391: Complete library assessment to prevent assertion errors
          	  through ldns_rdf_size usage.
   	* Slightly more specific error messaging on wrong number of rdata
   	  fields with the LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG and
   	  LDNS_STATUS_MISSING_RDATA_FIELDS_KEY result codes.
   	* bugfix #406: More rigorous openssl result code handling to prevent
   	  future crashes within openssl.
   	* Fix ldns_fetch_valid_domain_keys to search deeper than just one level
             for a DNSKEY that signed a DS RR. (this function was used in the
   	  check_dnssec_trace nagios module)
   	* bugfix #407: Canonicalize TSIG dnames and algorithm fields
   	* A new output specifier to accommodate configuration of what to show
   	  in comment texts when converting host and/or wire-format data to
   	  string. All conversion to string and printing functions have a new
   	  version that have such a format specifier as an extra argument.
   	  The default is changed so that only DNSKEY RR's are annotated with
   	  an comment show the Key Tag of the DNSKEY.
   	* Fixed the ldns resolver to not mark a nameserver unreachable when
   	  edns0 is tried unsuccessfully with size 4096 (no return packet came),
   	  but to still try TCP. A big UDP packet might have been corrupted by
   	  fragments dropping firewalls.
   	* Update of libdns.vim (thanks Miek Gieben)
   	* Added the ldnsx Python module to our contrib section, which adds even
   	  more pythonisticism to the usage of ldns with  Python. (Many thanks
   	  to Christpher Olah and Paul Wouters)
   	  The ldnsx module is automatically installed when --with-pyldns is
   	  used with configuring, but may explicitly be excluded with the
   	  --without-pyldnsx option to configure.
   	* bugfix #410: Fix clearing out temporary data on stack in sha2.c
   	* bugfix #411: Don't let empty non-terminal NSEC3s cause
   	  assertion failure.