Log message:
Update bind97 to bind-9.7.6pl3.

	--- 9.7.6-P3 released ---

3364.	[security]	Named could die on specially crafted record.
			[RT #30416]

Log message:
Make it clearer which package contains exactly which bind version.
Patch from Bug Hunting.

Log message:
patch release with fix for CVE-2012-3817:

           --- 9.7.6-P2 released ---

   3346.   [security]      Bad-cache data could be used before it was
                           initialized, causing an assert. [RT #30025]

   3342.   [bug]           Change #3314 broke saving of stub zones to disk
                           resulting in excessive cpu usage in some cases.
                           [RT #29952]

Log message:
Recursive PKGREVISION bump for libxml2 buildlink addition.

Log message:
Update bind97 to 9.7.6pl1 (BIND 9.7.6-P1).
Security release for CVE-2012-1667.

	--- 9.7.6-P1 released ---

3331.	[security]	dns_rdataslab_fromrdataset could produce bad
			rdataslabs. [RT #29644]

Log message:
Update bind97 package to 9.7.6.

New Features

*  None

Feature Changes

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)
   [RT #28989]

Bug Fixes

*  The locking strategy around the handling of iterative queries
   has been tuned to reduce unnecessary contention in a multi-threaded
   environment.  (Note that this may not provide a measurable
   improvement over previous versions of BIND, but it corrects the
   performance impact of change 3309 / RT #27995) [RT #29239]

*  Addresses a race condition that can cause named to to crash when
   the masters list for a zone is updated via rndc reload/reconfig
   [RT #26732]

*  Fixes a race condition in zone.c that can cause named to crash
   during the processing of rndc delzone [RT #29028]

*  Prevents a named segfault from resolver.c due to procedure
   fctx_finddone() not being thread-safe.  [RT #27995]

*  Uses hmctx, not mctx when freeing rbtdb->heaps to avoid triggering
   an assertion when flushing cache data. [RT #28571]

*  A new flag -R  has been added to queryperf for running tests
   using non-recursive queries.  It also now builds correctly on
   MacOS version 10.7 (darwin)  [RT #28565]

*  Named no longer crashes if gssapi is enabled in named.conf but
   was not compiled into the binary [RT #28338]

*  SDB now handles unexpected errors from back-end database drivers
   gracefully instead of exiting on an assert. [RT #28534]

Log message:
Add fix to a race condition in the resolver code that can cause a recursive
nameserver: <https://kb.isc.org/article/AA-00664>.

Bump PKGREVISION.

Log message:
Update bind97 package to 9.7.5.

Security Fixes

  + BIND 9 nameservers performing recursive queries could cache an
    invalid record and subsequent queries for that record could
    crash the resolvers with an assertion failure. [RT #26590]
    [CVE-2011-4313]

Feature Changes

  + It is now possible to explicitly disable DLV in named.conf by
    specifying "dnssec-lookaside no;". This is the default, but the
    ability to configure it makes it clearly visible to administrators.
    [RT #24858]

  + --enable-developer, a new composite argument to the configure
    script, enables a set of build options normally disabled but
    frequently selected in test or development builds, specifically:
    enable_fixed_rrset, with_atf, enable_filter_aaaa, enable_rpz_nsip,
    enable_rpz_nsdname, and with_dlz_filesystem (and on Linux and
    Darwin, also enable_exportlib) [RT #27103]

Log message:
Don't install doc/arm HTML files twice.

Log message:
BIND 9.7.4-P1 is a security patch for BIND 9.7.4.

* BIND 9 nameservers performing recursive queries could cache an invalid
  record and subsequent queries for that record could crash the resolvers
  with an assertion failure. [RT #26590]