pkgsrc.se | The NetBSD package collection

./net/bind911, Berkeley Internet Name Daemon implementation of DNS, version 9.11

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2020Q1, Version: 9.11.16, Package name: bind-9.11.16, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.11 release.

- Catalog Zones, a new method for provisioning servers
- "dnstap", a fast and flexible method of capturing and logging
DNS traffic.
- "dyndb", a new API for loading zone data from an external database
- dnssec-keymgr, a new key mainenance utility
- mdig, an alternate version of dig utility
- And more...

MESSAGE.rcd [+/-]

Package options: inet6, readline, threads

Master sites:

ftp://ftp.isc.org/isc/bind9/9.11.16/ (Download)

SHA1: 0317a5e610bdb4ececb08acd8ec347a206c5aa6a
RMD160: 90d657d41995db409d093a510012127897e4ec4e
Filesize: 8014.009 KB

Version history: (Expand)

(2020-04-20) Package has been reborn
(2020-04-19) Package added to pkgsrc.se, version bind-9.11.16 (created)

CVS history: (Expand)

2020-05-20 21:35:46 by Benny Siegert | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #6208 - requested by taca
net/bind911: security fix

Revisions pulled up:
- net/bind911/Makefile                                          1.23-1.24
- net/bind911/PLIST                                             1.3
- net/bind911/distinfo                                          1.17-1.18

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Apr 18 06:12:28 UTC 2020

   Modified Files:
   	pkgsrc/net/bind911: Makefile PLIST distinfo

   Log message:
   net/bind911: update to 9.11.18

   Update bind911 to 9.11.18 (BIND 9.11.18).

   	--- 9.11.18 released ---

   5380.	[contrib]	Fix building MySQL DLZ modules against MySQL 8
   			libraries. [GL #1678]

   5379.	[doc]		Clean up serve-stale related options that leaked into
   			the BIND 9.11 release. [GL !3265]

   5378.	[bug]		Receiving invalid DNS data was triggering an assertion
   			failure in nslookup. [GL #1652]

   5377.	[feature]	Detect atomic operations support on ppc64le. Thanks to
   			Petr Men=A8=EDk. [GL !3295]

   5376.	[bug]		Fix ineffective DNS rebinding protection when BIND is
   			configured as a forwarding DNS server. Thanks to Tobias
   			Klein. [GL #1574]

   5368.	[bug]		Named failed to restart if 'rndc addzone' names
   			contained special characters (e.g. '/'). [GL #1655]

   	--- 9.11.17 released ---

   5358.	[bug]		Inline master zones whose master files were touched
   			but otherwise unchanged and were subsequently reloaded
   			may have stopped re-signing. [GL !3135]

   5357.	[bug]		Newly added RRSIG records with expiry times before
   			the previous earliest expiry times might not be
   			re-signed in time.  The was a side effect of 5315.
   			[GL !3137]

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 10:21:25 UTC 2020

   Modified Files:
   	pkgsrc/net/bind911: Makefile distinfo

   Log message:
   net/bind911: update to 9.11.19

   Update bind911 to 9.11.19 (BIND 9.11.19).

   	--- 9.11.19 released ---

   5404.	[bug]		'named-checkconf -z' could incorrectly indicate
   			success if errors were found in one view but not in a
   			subsequent one. [GL #1807]

   5398.	[bug]		Named could fail to restart if a zone with a double
   			quote (") in its name was added with 'rndc addzone'.
   			[GL #1695]

   5395.	[security]	Further limit the number of queries that can be
   			triggered from a request.  Root and TLD servers
   			are no longer exempt from max-recursion-queries.
   			Fetches for missing name server address records
   			are limited to 4 for any domain. (CVE-2020-8616)
   			[GL #1388]

   5394.	[cleanup]	Named formerly attempted to change the effective UID an=
   d
   			GID in named_os_openfile(), which could trigger a
   			spurious log message if they were already set to the
   			desired values. This has been fixed. [GL #1042]
   			[GL #1090]

   5390.	[security]	Replaying a TSIG BADTIME response as a request could
   			trigger an assertion failure. (CVE-2020-8617)
   			[GL #1703]

   5387.	[func]		Warn about AXFR streams with inconsistent message IDs.
   			[GL #1674]