Subject: CVS commit: pkgsrc/net/bind98
From: Takahiro Kambe
Date: 2012-10-10 05:06:37
Message id: 20121010030638.06FF5175DD@cvs.netbsd.org

Log Message:
Update bind98 package to 9.8.4.

Here are change changes from release note.  Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind98 package.

Please refer https://kb.isc.org/article/AA-00797 for list of full bug fixes.

Security Fixes

* A deliberately constructed combination of records could cause named to hang
  while populating the additional section of a response. [CVE-2012-5166] [RT
  #31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
  exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad \ 
cache"
  data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
  could cause undesirable behavior, including termination of the named
  process. [CVE-2012-1667] [RT #29644]

New Features

* Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are
  now supported per RFC 6605. [RT #21918]

Feature Changes

* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
  [RT #29492]

Files:
RevisionActionfile
1.18modifypkgsrc/net/bind98/Makefile
1.15modifypkgsrc/net/bind98/distinfo