Navigation:
Browse pkgsrc
(this page) 2010-01-21 22:11:20 by Matthias Scheler | Files touched by this commit (2) |  |
Log message: Pullup ticket #2965 - requested by spz bind95: security update Revisions pulled up: - net/bind95/Makefile 1.16 via patch - net/bind95/distinfo 1.12 --- Module Name: pkgsrc Committed By: spz Date: Thu Jan 21 19:42:16 UTC 2010 Modified Files: pkgsrc/net/bind95: Makefile distinfo Log message: security update: BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two potential cache poisoning vulnerabilities, both of which could allow a validating recursive nameserver to cache data which had not been authenticated or was invalid. CVE identifiers: CVE-2009-4022, CVE-2010-0097 CERT advisories: VU#418861, VU#360341 Changes since 9.5.2-P1: 2831. [security] Do not attempt to validate or cache out-of-bailiwick data returned with a secure answer; it must be re-fetched from its original source and validated in that context. [RT #20819] 2828. [security] Cached CNAME or DNAME RR could be returned to clients without DNSSEC validation. [RT #20737] 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] |
New packages: