Path to this page:
./
net/bind916,
Berkeley Internet Name Daemon implementation of DNS, version 9.16
Branch: CURRENT,
Version: 9.16.50nb5,
Package name: bind-9.16.50nb5,
Maintainer: pkgsrc-usersBIND, the Berkeley Internet Name Daemon.
This package contains the BIND 9.16 release. Upstream labels it as
receiving security fixes only.
MESSAGE.rcd [+/-]===========================================================================
$NetBSD: MESSAGE.rcd,v 1.1 2020/08/09 15:20:21 taca Exp $
Please consider running BIND under the pseudo user account "${BIND_USER}"
in a chroot environment for security reasons.
To achieve this, set the variable "named_chrootdir" in /etc/rc.conf to
the directory with the chroot environment e.g. "${BIND_DIR}".
Note: named(8) requires writable directories under "/etc/namedb" which
specified by "directory" in "options" statement:
cache
keys
nta
Make sure to these directories exists with writable by "${BIND_USER}" user.
===========================================================================
Package options: blacklist, readline, threads
Master sites:
Filesize: 5014.277 KB
Version history: (Expand)
- (2024-11-01) Updated to version: bind-9.16.50nb5
- (2024-11-01) Updated to version: bind-9.16.50nb4
- (2024-09-21) Updated to version: bind-9.16.50nb3
- (2024-05-29) Updated to version: bind-9.16.50nb2
- (2024-04-20) Updated to version: bind-9.16.50nb1
- (2024-04-18) Updated to version: bind-9.16.50
CVS history: (Expand)
2024-04-20 16:01:08 by Takahiro Kambe | Files touched by this commit (3) |
Log message:
net/bind916: fix blocklist handling
Apply change of revision 1.21 in NetBSD base which fixed PR bin/58170.
Bump PKGREVISION.
|
2024-04-18 15:39:53 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
net/bind916: update to 9.16.50
9.16.50 (2024-04-17)
This release marks the end of maintenance for the BIND 9.16 branch.
6364. [protocol] Add RESOLVER.ARPA to the built in empty zones.
[GL #4580]
6338. [func] Optimize slabheader placement, so the infrastructure
records are put in the beginning of the slabheader
linked list. [GL !8675]
|
2024-04-05 16:01:01 by Thomas Klausner | Files touched by this commit (49) |
Log message:
*: recursive bump for protobuf 26.1
|
2024-03-20 15:57:54 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/bind916: update to 9.16.49
9.16.49 (2024-03-20)
6356. [bug] Create the pruning task in the dns_cache_flush(), so
the cache pruning still works after the flush.
[GL #4621]
6353. [bug] Improve the TTL-based cleaning by removing the expired
headers from the heap, so they don't block the next
cleaning round and clean more than a single item for
each new addition to the RBTDB. [GL #4591]
6352. [bug] Decrease lock contention during RBTDB tree pruning
introduced in change 6319 by making the prunenodes list
bucketed and not cleaning up nodes recursively within a
single prune_tree() call. [GL #4596]
6350. [bug] Address use after free in expire_lru_headers. [GL #4495]
|
2024-02-13 16:25:33 by Takahiro Kambe | Files touched by this commit (4) | |
Log message:
net/bind916: update to 9.16.48
--- 9.16.48 released ---
6343. [bug] Fix case insensitive setting for isc_ht hashtable.
[GL #4568]
--- 9.16.47 released ---
6322. [security] Specific DNS answers could cause a denial-of-service
condition due to DNS validation taking a long time.
(CVE-2023-50387) [GL #4424]
6321. [security] Change 6315 inadvertently introduced regressions that
could cause named to crash. [GL #4234]
--- 9.16.46 released ---
6319. [security] Query patterns that continuously triggered cache
database maintenance could exhaust all available memory
on the host running named. (CVE-2023-6516) [GL #4383]
6317. [security] Restore DNS64 state when handling a serve-stale timeout.
(CVE-2023-5679) [GL #4334]
6316. [security] Specific queries could trigger an assertion check with
nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]
6315. [security] Speed up parsing of DNS messages with many different
names. (CVE-2023-4408) [GL #4234]
6314. [bug] Address race conditions in dns_tsigkey_find().
[GL #4182]
6304. [bug] The wrong time was being used to determine what RRSIGs
where to be generated when dnssec-policy was in use.
[GL #4494]
6282. [func] Deprecate AES-based DNS cookies. [GL #4421]
|
2024-01-30 19:29:21 by Adam Ciarcinski | Files touched by this commit (47) |
Log message:
revbump for devel/abseil
|
2024-01-13 21:08:25 by Taylor R Campbell | Files touched by this commit (8) |
Log message:
*/builtin.mk: Disable for cross-build if executes target program.
We can't run target programs during cross-build, so we either need to
disable builtin detection or find another way to detect the target
program's version.
No change to native builds because this just makes some existing
logic conditional on native builds.
|
2023-11-18 05:05:50 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
net/bind916: updte to 9.16.45
Note: B.ROOT-SERVERS.NET's addresses will be changed November 27, 2023.
9.16.45 (2023-11-15)
6269. [maint] B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and
2801:1b8:10::b. [GL #4101]
6254. [cleanup] Add semantic patch to do an explicit cast from char
to unsigned char in ctype.h class of functions.
[GL #4327]
6250. [bug] The wrong covered value was being set by
dns_ncache_current for RRSIG records in the returned
rdataset structure. This resulted in TYPE0 being
reported as the covered value of the RRSIG when dumping
the cache contents. [GL #4314]
|