Subject: CVS commit: pkgsrc/net/bind916
From: Takahiro Kambe
Date: 2021-03-21 05:16:17
Message id: 20210321041617.DF5E6FA95@cvs.NetBSD.org
Log Message:
net/bind916: update to 9.16.13

9.16.13 (2022-03-17)

New Features

* A new purge-keys option has been added to dnssec-policy. It sets the
  period of time that key files are retained after becoming obsolete
  due to a key rollover; the default is 90 days. This feature can be
  disabled by setting purge-keys to 0. [GL #2408]

Feature Changes

* When serve-stale is enabled and stale data is available, named now
  returns stale answers upon encountering any unexpected error in the
  query resolution process. This may happen, for example, if the
  fetches-per-server or fetches-per-zone limits are reached. In this
  case, named attempts to answer DNS requests with stale data, but
  does not start the stale-refresh-time window. [GL #2434]

Bug Fixes

* Zone journal (.jnl) files created by versions of named prior to
  9.16.12 were no longer compatible; this could cause problems when
  upgrading if journal files were not synchronized first. This has
  been corrected: older journal files can now be read when starting
  up. When an old-style journal file is detected, it is updated to the
  new format immediately after loading.

  Note that journals created by the current version of named are not
  usable by versions prior to 9.16.12. Before downgrading to a prior
  release, users are advised to ensure that all dynamic zones have
  been synchronized using rndc sync -clean.

  A journal file's format can be changed manually by running
  named-journalprint -d (downgrade) or named-journalprint -u
  (upgrade). Note that this must not be done while named is
  running. [GL #2505]

* named crashed when it was allowed to serve stale answers and
  stale-answer-client-timeout was triggered without any (stale) data
  available in the cache to answer the query. [GL #2503]

* If an outgoing packet exceeded max-udp-size, named dropped it
  instead of sending back a proper response. To prevent this problem,
  the IP_DONTFRAG option is no longer set on UDP sockets, which has
  been happening since BIND 9.16.11. [GL #2466]

* NSEC3 records were not immediately created when signing a dynamic
  zone using dnssec-policy with nsec3param. This has been fixed. [GL
  #2498]

* A memory leak occurred when named was reconfigured after adding an
  inline-signed zone with auto-dnssec maintain enabled. This has been
  fixed. [GL #2041]

* An invalid direction field (not one of N, S, E, W) in a LOC record
  resulted in an INSIST failure when a zone file containing such a
  record was loaded. [GL #2499]
Files:
RevisionActionfile
1.11modifypkgsrc/net/bind916/Makefile
1.4modifypkgsrc/net/bind916/PLIST
1.11modifypkgsrc/net/bind916/distinfo
1.4modifypkgsrc/net/bind916/patches/patch-config.h.in
1.2modifypkgsrc/net/bind916/patches/patch-lib_dns_zone.c
1.3modifypkgsrc/net/bind916/patches/patch-lib_isc_include_isc_netmgr.h
1.1removepkgsrc/net/bind916/patches/patch-lib_isc_hp.c