./net/bind914, Berkeley Internet Name Daemon implementation of DNS, version 9.14

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 9.14.12nb1, Package name: bind-9.14.12nb1, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.14 release.

* A new "plugin" mechanism has been added to allow query functionality
to be extended using dynamically loadable libraries. The "filter-aaaa"
feature has been removed from named and is now implemented as a
plugin.
* QNAME minimization, as described in RFC 7816, is now supported.
* Socket and task code has been refactored to improve performance on
most modern machines.
* "Root key sentinel" support, enabling validating resolvers to indicate
via a special query which trust anchors are configured for the root
zone.
* Secondary zones can now be configured as "mirror" zones; their
contents are transferred in as with traditional slave zones, but are
subject to DNSSEC validation and are not treated as authoritative data
when answering. This makes it easier to configure a local copy of the
root zone as described in RFC 7706.
* The "validate-except" option allows configuration of domains below
which DNSSEC validation should not be performed.
* The default value of "dnssec-validation" is now "auto".
* IDNA2008 is now supported when linking with libidn2.
* "named -V" now outputs the default paths for files used by named and
other tools.

MESSAGE.rcd [+/-]

Required to run:
[security/openssl]

Required to build:
[pkgtools/cwrappers]

Package options: blacklist, readline, threads

Master sites:

SHA1: 20fd9f09f251dcd367b6221a954ef68ac501de51
RMD160: 82ac9214698eee669f658e3d833727b431b8579a
Filesize: 6170.813 KB

Version history: (Expand)


CVS history: (Expand)


   2020-06-30 19:27:06 by Matthias Scheler | Files touched by this commit (1)
Log message:
net/bind914: Fix build under NetBSD-current

This package automatically enabled the "blacklist" option under recent
enough versions of NetBSD. However in NetBSD-current the "blacklist"
library has been replaced by the "blocklist" library which BIND currently
doesn't support. And as result the build failed with the default option
because the "blacklist" could not be found.

Change the option check to only enable this option under NetBSD if the
"blacklist" header file can be found. This fixes the build under
NetBSD-current with the default options.

The correct long term fixed would be:
* Wait for a BIND version which supports "blocklist" instead of \ 
"blacklist"
* Add "blocklist" as a package in "pkgsrc" with an \ 
appropriate "builtin.mk"
   2020-06-02 10:25:05 by Adam Ciarcinski | Files touched by this commit (1689)
Log message:
Revbump for icu
   2020-05-30 16:21:32 by Takahiro Kambe | Files touched by this commit (3)
Log message:
net/bind914: fix build problem if PKG_DEVELOPER is enabled

There was build problem after pkg-config was aded to USE_TOOLS if
PKG_DEVELOPER is enabled, causing WRKDIR reference.

Fix method is dirty (or quick) hack.
   2020-05-21 14:45:47 by Jonathan Perkin | Files touched by this commit (2)
Log message:
bind*: Require pkg-config.
   2020-05-19 12:23:04 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
net/bind914: update to 9.14.12

Update bind914 to 9.14.12 (BIND 9.14.12).

Note from release announce:

BIND 9.14.12 is the final planned release in the now End-of-Life (EOL)
9.14 branch.

	--- 9.14.12 released ---

5395.	[security]	Further limit the number of queries that can be
			triggered from a request.  Root and TLD servers
			are no longer exempt from max-recursion-queries.
			Fetches for missing name server address records
			are limited to 4 for any domain. (CVE-2020-8616)
			[GL #1388]

5390.	[security]	Replaying a TSIG BADTIME response as a request could
			trigger an assertion failure. (CVE-2020-8617)
			[GL #1703]

5376.	[bug]		Fix ineffective DNS rebinding protection when BIND is
			configured as a forwarding DNS server. Thanks to Tobias
			Klein. [GL #1574]

5358.	[bug]		Inline master zones whose master files were touched
			but otherwise unchanged and were subsequently reloaded
			may have stopped re-signing. [GL !3135]

5357.	[bug]		Newly added RRSIG records with expiry times before
			the previous earliest expiry times might not be
			re-signed in time.  This was a side effect of 5315.
			[GL !3137]
   2020-05-10 16:25:42 by Roland Illig | Files touched by this commit (1)
Log message:
net/bind914: remove unknown configure option
   2020-03-26 14:54:35 by Nia Alarie | Files touched by this commit (1)
Log message:
bind914: Disable Linux capabilities if there's no sys/capability.h
   2020-02-20 17:37:06 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
net/bind914: update to 9.14.11

Update bind914 to 9.14.11 (BIND 9.14.11).

	--- 9.14.11 released ---

5353.	[doc]		Document port and dscp parameters in forwarders
			configuration option. [GL #914]

5352.	[bug]		Correctly handle catalog zone entries containing
			characters that aren't legal in filenames. [GL #1592]

5351.	[bug]		CDS / CDNSKEY consistency checks failed to handle
			removal records. [GL #1554]

5350.	[bug]		When a view was configured with class CHAOS, the
			server could crash while processing a query for a
			non-existent record. [GL #1540]

5348.	[bug]		dnssec-settime -Psync was not being honoured.
			[GL !2925]