Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2012-10-10 14:54:07 by Matthias Scheler | Files touched by this commit (2) | |
Log message:
Pullup ticket #3942 - requested by taca
net/bind97: security update
Revisions pulled up:
- net/bind97/Makefile 1.20-1.21
- net/bind97/distinfo 1.17
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Oct 3 21:59:10 UTC 2012
Modified Files:
pkgsrc/net/bind97: Makefile
Log message:
Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.
I hope that's all of them.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Oct 10 03:05:52 UTC 2012
Modified Files:
pkgsrc/net/bind97: Makefile distinfo
Log message:
Update bind97 to 9.7.7 (BIND 9.7.7).
Here are change changes from release note. Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind97 package.
Please refer https://kb.isc.org/article/AA-00796 for list of full bug fixes.
Security Fixes
* A deliberately constructed combination of records could cause named to hang
while populating the additional section of a response. [CVE-2012-5166] [RT
#31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad \
cache"
data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
could cause undesirable behavior, including termination of the named
process. [CVE-2012-1667] [RT #29644]
New Features
None
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
[RT #29492]
|
Next | Query returned 1 messages, browsing 1 to 10 | previous