Subject: CVS commit: [pkgsrc-2012Q1] pkgsrc/net/bind98
From: Matthias Scheler
Date: 2012-05-22 11:29:13
Message id:

Log Message:
Pullup ticket #3798 - requested by taca
net/bind98: security update

Revisions pulled up:
- net/bind98/Makefile                                           1.10-1.11
- net/bind98/distinfo                                           1.10-1.11
- net/bind98/files/                                    1.2
- net/bind98/patches/         1.1-1.2
- net/bind98/patches/patch-lib_dns_resolver.c                   deleted

   Module Name:    pkgsrc
   Committed By:   marino
   Date:           Sun May 20 13:22:40 UTC 2012

   Modified Files:
           pkgsrc/net/bind98: distinfo
   Added Files:

   Log Message:
   net/bind98: Fix undefined reference to 'main'

   Bind98 needs the same fix bind99 received on 23 Mar 2012 to fix the
   linking of

   Module Name:	pkgsrc
   Committed By:	marino
   Date:		Sun May 20 09:10:44 UTC 2012

   Modified Files:
   	pkgsrc/net/bind98: Makefile

   Log Message:
   PR#45780 net/bind98: Fix chroot operation

   Implemented per PR.

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 22 03:32:31 UTC 2012

   Modified Files:
   	pkgsrc/net/bind98: Makefile distinfo
   Removed Files:
   	pkgsrc/net/bind98/patches: patch-lib_dns_resolver.c

   Log Message:
   Update bind98 to 9.8.3.

   pkgsrc change: add an comment to patches/

   Changes from release announce:

   Security Fixes

   *  Windows binary packages distributed by ISC are now built and linked
      against OpenSSL 1.0.0i

   New Features

   *  None

   Feature Changes

   *  BIND now recognizes the TLSA resource record type, created to
      support IETF DANE (DNS-based Authentication of Named Entities)
      [RT #28989]

   Bug Fixes

   *  The locking strategy around the handling of iterative queries
      has been tuned to reduce unnecessary contention in a multi-threaded
      environment.  (Note that this may not provide a measurable
      improvement over previous versions of BIND, but it corrects the
      performance impact of change 3309 / RT #27995) [RT #29239]

   *  Addresses a race condition that can cause named to to crash when
      the masters list for a zone is updated via rndc reload/reconfig
      [RT #26732]

   *  named-checkconf now correctly validates dns64 clients acl
      definitions. [RT #27631]

   *  Fixes a race condition in zone.c that can cause named to crash
      during the processing of rndc delzone [RT #29028]

   *  Prevents a named segfault from resolver.c due to procedure
      fctx_finddone() not being thread-safe.  [RT #27995]

   *  Improves DNS64 reverse zone performance. [RT #28563]

   *  Adds wire format lookup method to sdb. [RT #28563]

   *  Uses hmctx, not mctx when freeing rbtdb->heaps to avoid triggering
      an assertion when flushing cache data. [RT #28571]

   *  Resolves inconsistencies in locating DNSSEC keys where zone names
      contain characters that require special mappings [RT #28600]

   *  A new flag -R  has been added to queryperf for running tests
      using non-recursive queries.  It also now builds correctly on
      MacOS version 10.7 (darwin)  [RT #28565]

   *  Named no longer crashes if gssapi is enabled in named.conf but
      was not compiled into the binary [RT #28338]

   *  SDB now handles unexpected errors from back-end database drivers
      gracefully instead of exiting on an assert. [RT #28534]