Navigation:
Browse pkgsrc
(this page)
net bind916
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2021-08-02 20:45:35 by John Klos | Files touched by this commit (1) |
Log message: Fixed COMMENT because package is at 9.16. |
2021-07-22 15:30:24 by Havard Eidnes | Files touched by this commit (2) |  |
Log message:
Upgrade net/bind916 to version 9.16.19.
Upstream changes:
--- 9.16.19 released ---
5671. [bug] A race condition could occur where two threads were
competing for the same set of key file locks, leading to
a deadlock. This has been fixed. [GL #2786]
5670. [bug] create_keydata() created an invalid placeholder keydata
record upon a refresh failure, which prevented the
database of managed keys from subsequently being read
back. This has been fixed. [GL #2686]
5669. [func] KASP support was extended with the "check DS" \
feature.
Zones with "dnssec-policy" and \
"parental-agents"
configured now check for DS presence and can perform
automatic KSK rollovers. [GL #1126]
5668. [bug] Rescheduling a setnsec3param() task when a zone failed
to load on startup caused a hang on shutdown. This has
been fixed. [GL #2791]
5667. [bug] The configuration-checking code failed to account for
the inheritance rules of the "dnssec-policy" \
option.
This has been fixed. [GL #2780]
5666. [doc] The safe "edns-udp-size" value was tweaked to \
match the
probing value from BIND 9.16 for better compatibility.
[GL #2183]
5665. [bug] If nsupdate sends an SOA request and receives a REFUSED
response, it now fails over to the next available
server. [GL #2758]
5664. [func] For UDP messages larger than the path MTU, named now
sends an empty response with the TC (TrunCated) bit set.
In addition, setting the DF (Don't Fragment) flag on
outgoing UDP sockets was re-enabled. [GL #2790]
5662. [bug] Views with recursion disabled are now configured with a
default cache size of 2 MB unless \
"max-cache-size" is
explicitly set. This prevents cache RBT hash tables from
being needlessly preallocated for such views. [GL #2777]
5661. [bug] Change 5644 inadvertently introduced a deadlock: when
locking the key file mutex for each zone structure in a
different view, the "in-view" logic was not \
considered.
This has been fixed. [GL #2783]
5658. [bug] Increasing "max-cache-size" for a running \
named instance
(using "rndc reconfig") did not cause the hash \
tables
used by cache databases to be grown accordingly. This
has been fixed. [GL #2770]
5655. [bug] Signed, insecure delegation responses prepared by named
either lacked the necessary NSEC records or contained
duplicate NSEC records when both wildcard expansion and
CNAME chaining were required to prepare the response.
This has been fixed. [GL #2759]
5653. [bug] A bug that caused the NSEC3 salt to be changed on every
restart for zones using KASP has been fixed. [GL #2725]
|
| 2021-07-20 09:23:04 by Rin Okuyama | Files touched by this commit (2) |
Log message: net/bind916: Oops, fix reversed ``#if'' |
| 2021-07-20 08:41:46 by Rin Okuyama | Files touched by this commit (1) |
Log message: net/bind916 --disable-atomic is no longer supported |
| 2021-07-20 08:39:45 by Rin Okuyama | Files touched by this commit (8) |
Log message: net/bind916 Use atomic 32-bit integers where appropriate, revision++ Mostly taken from NetBSD base: - For counters, make sure to use 32-bit integers for !_LP64 platforms. In the previous revisions, this is partially done, i.e., incomplete. - For flags fit within 32-bit width, use 32-bit integers for everyone. In the previous, this is incomplete, and restricted for __NetBSD__. Fix and generalize to everyone. - Make comments in patches more helpful. Fix build for ILP32 platforms as reported in PR pkg/56315. Thanks jklos@ for testing. |
| 2021-06-23 22:33:18 by Nia Alarie | Files touched by this commit (103) |
Log message: Revbump for MySQL default change |
| 2021-06-19 15:18:21 by Juraj Lutter | Files touched by this commit (2) | |
Log message: net/bind916: Update to 9.6.18 This is a bugfix release. - Fixed a bug that caused the NSEC salt to be changed for KASP zones on every startup. - Signed, insecure delegation responses prepared by named either lacked the necessary NSEC records or contained duplicate NSEC records when both wildcard expansion and CNAME chaining were required to prepare the response. This has been fixed. - Queries where the wildcard match contained the letter W failed to return the correct response as the W was mapped to \000. - Checking of key-directory and dnssec-policy was broken. The checks failed to account for key-directory inheritance. Full release notes: https://bind9.readthedocs.io/en/v9_16/n … nd-9-16-18 |
2021-06-17 11:04:45 by Juraj Lutter | Files touched by this commit (7) |  |
Log message: net/bind916: Update to 9.16.17 Feature Changes: - After the network manager was introduced to named to handle incoming traffic, it was discovered that recursive performance had degraded compared to previous BIND 9 versions. This has now been fixed by processing internal tasks inside network manager worker threads, preventing resource contention among two sets of threads. - Zone dumping tasks are now run on separate asynchronous thread pools. This change prevents zone dumping from blocking network I/O. - inline-signing was incorrectly described as being inherited from the options/view levels and was incorrectly accepted at those levels without effect. This has been fixed; named.conf files with inline-signing at those levels no longer load. Full changelog: https://bind9.readthedocs.io/en/v9_16/n … nd-9-16-17 |
New packages: