./net/bind911, Berkeley Internet Name Daemon implementation of DNS, version 9.11

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2019Q1, Version: 9.11.6pl1, Package name: bind-9.11.6pl1, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.11 release.

- Catalog Zones, a new method for provisioning servers
- "dnstap", a fast and flexible method of capturing and logging
DNS traffic.
- "dyndb", a new API for loading zone data from an external database
- dnssec-keymgr, a new key mainenance utility
- mdig, an alternate version of dig utility
- And more...


Required to build:
[pkgtools/cwrappers]

Package options: inet6, readline, threads

Master sites:

SHA1: 1a142cc9af68f7205bc0ea942458e6a044244422
RMD160: 7024ba26f218015ebd99f54988f78148ae789cf7
Filesize: 7912.345 KB

Version history: (Expand)

CVS history: (Expand)


   2019-05-12 22:44:15 by S.P.Zeidler | Files touched by this commit (9) | Package updated
Log message:
Pullup ticket #5958 - requested by taca
net/bind911: security update

Revisions pulled up:
- net/bind911/MESSAGE                                           1.2
- net/bind911/Makefile                                          1.8
- net/bind911/distinfo                                          1.7
- net/bind911/options.mk                                        1.3
- net/bind911/patches/patch-bin_named_server.c                  1.1
- net/bind911/patches/patch-bin_pkcs11_pkcs11-keygen.c          1.1
- net/bind911/patches/patch-lib_dns_view.c                      1.1
- net/bind911/patches/patch-lib_isc_unix_socket.c               1.3
- net/bind911/patches/patch-lib_lwres_getnameinfo.c             1.2

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Apr 30 02:51:38 UTC 2019

   Modified Files:
   	pkgsrc/net/bind911: MESSAGE Makefile distinfo options.mk
   	pkgsrc/net/bind911/patches: patch-lib_isc_unix_socket.c
   	    patch-lib_lwres_getnameinfo.c
   Added Files:
   	pkgsrc/net/bind911/patches: patch-bin_named_server.c
   	    patch-bin_pkcs11_pkcs11-keygen.c patch-lib_dns_view.c

   Log message:
   net/bind911: update to 9.11.6pl1

   Update bind911 to 9.11.5pl4 (BIND 9.11.5-P4).

   Fix security problem CVE-2018-5743 and overhaul pkgsrc.  Now no need
   to change namedb is permission under NetBSD.

   * Update note about required directories.
   * Drop pkg-config from USE_TOOLS.
   * Drop none existing configure arguments and PKG_OPTIONS:
   	- fetchlimit
   	- sit

   	--- 9.11.6-P1 released ---

   5200.	[security]	tcp-clients settings could be exceeded in some cases,
   			which could lead to exhaustion of file descriptors.
   			(CVE-2018-5743) [GL #615]

   To generate a diff of this commit:
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/bind911/MESSAGE
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/bind911/Makefile
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/bind911/distinfo
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/bind911/options.mk
   cvs rdiff -u -r0 -r1.1 pkgsrc/net/bind911/patches/patch-bin_named_server.c \
       pkgsrc/net/bind911/patches/patch-bin_pkcs11_pkcs11-keygen.c \
       pkgsrc/net/bind911/patches/patch-lib_dns_view.c
   cvs rdiff -u -r1.2 -r1.3 \
       pkgsrc/net/bind911/patches/patch-lib_isc_unix_socket.c
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/net/bind911/patches/patch-lib_lwres_getnameinfo.c