Path to this page:
./
net/bind916,
Berkeley Internet Name Daemon implementation of DNS, version 9.14
Branch: CURRENT,
Version: 9.16.10,
Package name: bind-9.16.10,
Maintainer: pkgsrc-usersBIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.16 release.
* New dnssec-policy statement to configure a key and signing policy for
zones, enabling automatic key regeneration and rollover.
* New network manager based on libuv.
* Added support for the new GeoIP2 geolocation API, libmaxminddb.
* Improved DNSSEC trust anchor configuration using the trust-anchors
statement, permitting configuration of trust anchors in DS as well as
DNSKEY format.
* YAML output for dig, mdig, and delv.
MESSAGE.rcd [+/-]===========================================================================
$NetBSD: MESSAGE.rcd,v 1.1 2020/08/09 15:20:21 taca Exp $
Please consider running BIND under the pseudo user account "${BIND_USER}"
in a chroot environment for security reasons.
To achieve this, set the variable "named_chrootdir" in /etc/rc.conf to
the directory with the chroot environment e.g. "${BIND_DIR}".
Note: named(8) requires writable directories under "/etc/namedb" which
specified by "directory" in "options" statement:
cache
keys
nta
Make sure to these directories exists with writable by "${BIND_USER}" user.
===========================================================================
Package options: blacklist, readline, threads
Master sites:
SHA1: 016dc93596272d607a88439b247eacecd3eeca03
RMD160: 78897fd2473e0ba2b4ce54cc2382c3defd50af1a
Filesize: 3193.063 KB
Version history: (Expand)
- (2020-12-19) Updated to version: bind-9.16.10
- (2020-11-26) Updated to version: bind-9.16.9
- (2020-11-05) Updated to version: bind-9.16.7nb1
- (2020-09-19) Updated to version: bind-9.16.7
- (2020-09-01) Updated to version: bind-9.16.6nb1
- (2020-08-23) Updated to version: bind-9.16.6
CVS history: (Expand)
2021-01-13 10:34:30 by Nia Alarie | Files touched by this commit (2) |
Log message:
bind: Disable atomic operations on i386 too.
|
2020-12-19 17:41:36 by Takahiro Kambe | Files touched by this commit (14) |  |
Log message:
net/bind916: update to 9.16.10
Update bind916 to 9.16.10 (BIND 9.16.10).
pkgsrc changes:
* Make blocklist/blacklist support really compiled in.
* Fix build problem with pkcs11 PKG_OPTIONS and allow to use it.
--- 9.16.10 released ---
5544. [func] Restore the default value of "nocookie-udp-size" to 4096
bytes. [GL #2250]
5541. [func] Adjust the "max-recursion-queries" default from 75 to
100. [GL #2305]
5540. [port] Fix building with native PKCS#11 support for AEP Keyper.
[GL #2315]
5539. [bug] Tighten handling of missing DNS COOKIE responses over
UDP by falling back to TCP. [GL #2275]
5538. [func] Add NSEC3 support to KASP. A new option for
"dnssec-policy", "nsec3param", can be used to set the
desired NSEC3 parameters. NSEC3 salt collisions are
automatically prevented during resalting. Salt
generation is now logged with zone context. [GL #1620]
5534. [bug] The CNAME synthesized from a DNAME was incorrectly
followed when the QTYPE was CNAME or ANY. [GL #2280]
|
2020-11-26 14:21:51 by Takahiro Kambe | Files touched by this commit (10) |  |
Log message:
net/bind916: update to 9.16.9
--- 9.16.9 released ---
5533. [func] Add the "stale-refresh-time" option, a time window that
starts after a failed lookup, during which a stale RRset
is served directly from cache before a new attempt to
refresh it is made. [GL #2066]
5530. [bug] dnstap did not capture responses to forwarded UPDATE
requests. [GL #2252]
5527. [bug] A NULL pointer dereference occurred when creating an NTA
recheck query failed. [GL #2244]
5525. [bug] Change 5503 inadvertently broke cross-compilation by
replacing a call to AC_LINK_IFELSE() with a call to
AC_RUN_IFELSE() in configure.ac. This has been fixed,
making cross-compilation possible again. [GL #2237]
5523. [bug] The initial lookup in a zone transitioning to/from a
signed state could fail if the DNSKEY RRset was not
found. [GL #2236]
5522. [bug] Fixed a race/NULL dereference in TCPDNS send. [GL #2227]
5520. [bug] Fixed a number of shutdown races, reference counting
errors, and spurious log messages that could occur
in the network manager. [GL #2221]
5518. [bug] Stub zones now work correctly with primary servers using
"minimal-responses yes". [GL #1736]
5517. [bug] Do not treat UV_EOF as a TCP4RecvErr or a TCP6RecvErr.
[GL #2208]
--- 9.16.8 released ---
5516. [func] The default EDNS buffer size has been changed from 4096
to 1232 bytes. [GL #2183]
5515. [func] Add 'rndc dnssec -rollover' command to trigger a manual
rollover for a specific key. [GL #1749]
5514. [bug] Fix KASP expected key size for Ed25519 and Ed448.
[GL #2171]
5513. [doc] The ARM section describing the "rrset-order" statement
was rewritten to make it unambiguous and up-to-date with
the source code. [GL #2139]
5512. [bug] "rrset-order" rules using "order none" were causing
named to crash despite named-checkconf treating them as
valid. [GL #2139]
5511. [bug] 'dig -u +yaml' failed to display timestamps to the
microsecond. [GL #2190]
5510. [bug] Implement the attach/detach semantics for dns_message_t
to fix a data race in accessing an already-destroyed
fctx->rmessage. [GL #2124]
5509. [bug] filter-aaaa: named crashed upon shutdown if it was in
the process of recursing for A RRsets. [GL #1040]
5508. [func] Added new parameter "-expired" for "rndc \
dumpdb" that
also prints expired RRsets (awaiting cleanup) to the
dump file. [GL #1870]
5507. [bug] Named could compute incorrect SIG(0) responses.
[GL #2109]
5506. [bug] Properly handle failed sysconf() calls, so we don't
report invalid memory size. [GL #2166]
5505. [bug] Updating contents of a mixed-case RPZ could cause some
rules to be ignored. [GL #2169]
5503. [bug] Cleaned up reference counting of network manager
handles, now using isc_nmhandle_attach() and _detach()
instead of _ref() and _unref(). [GL #2122]
|
2020-11-07 15:28:31 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
net/bind916: Correct typo in previous commit
|
2020-11-07 15:26:21 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
net/bind916: fix build problem
Fix build problem on platform which supports epoll(2).
|
2020-11-05 10:09:30 by Ryo ONODERA | Files touched by this commit (1814) |
Log message:
*: Recursive revbump from textproc/icu-68.1
|
2020-09-19 15:09:27 by Takahiro Kambe | Files touched by this commit (5) |  |
Log message:
net/bind916: update to 9.16.7
Update bind916 pacakge to 9.16.7.
--- 9.16.7 released ---
5501. [func] Log CDS/CDNSKEY publication. [GL #1748]
5500. [bug] Fix (non-)publication of CDS and CDNSKEY records.
[GL #2103]
5499. [func] Add '-P ds' and '-D ds' arguments to dnssec-settime.
[GL #1748]
5497. [bug] 'dig +bufsize=0' failed to disable EDNS. [GL #2054]
5496. [bug] Address a TSAN report by ensuring each rate limiter
object holds a reference to its task. [GL #2081]
5495. [bug] With query minimization enabled, named failed to
resolve ip6.arpa. names that had extra labels to the
left of the IPv6 part. [GL #1847]
5494. [bug] Silence the EPROTO syslog message on older systems.
[GL #1928]
5493. [bug] Fix off-by-one error when calculating new hash table
size. [GL #2104]
5492. [bug] Tighten LOC parsing to reject a period (".") and/or \
"m"
as a value. Fix handling of negative altitudes which are
not whole meters. [GL #2074]
5491. [bug] rbtversion->glue_table_size could be read without the
appropriate lock being held. [GL #2080]
5489. [bug] Named erroneously accepted certain invalid resource
records that were incorrectly processed after
subsequently being written to disk and loaded back, as
the wire format differed. Such records include: CERT,
IPSECKEY, NSEC3, NSEC3PARAM, NXT, SIG, TLSA, WKS, and
X25. [GL !3953]
5488. [bug] NTA code needed to have a weak reference on its
associated view to prevent the latter from being deleted
while NTA tests were being performed. [GL #2067]
5486. [func] Add 'rndc dnssec -checkds' command, which signals to
named that the DS record for a given zone or key has
been updated in the parent zone. [GL #1613]
|
2020-09-03 22:35:17 by Juraj Lutter | Files touched by this commit (1) |
Log message:
net/bind916: Explicitly disable lmdb with lmdb option unset
Disable lmdb explicitly to instruct configure to not look for lmdb at all.
|