./net/bind916, Berkeley Internet Name Daemon implementation of DNS, version 9.16

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 9.16.31, Package name: bind-9.16.31, Maintainer: pkgsrc-users

BIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.16 release.

* New dnssec-policy statement to configure a key and signing policy for
zones, enabling automatic key regeneration and rollover.
* New network manager based on libuv.
* Added support for the new GeoIP2 geolocation API, libmaxminddb.
* Improved DNSSEC trust anchor configuration using the trust-anchors
statement, permitting configuration of trust anchors in DS as well as
DNSKEY format.
* YAML output for dig, mdig, and delv.

MESSAGE.rcd [+/-]

Package options: blacklist, readline, threads

Master sites:

Filesize: 4968.188 KB

Version history: (Expand)

CVS history: (Expand)

   2022-07-20 17:14:14 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/bind916: update to 9.16.31

9.6.31 (2022-07-20)

5917.	[bug]		Update ifconfig.sh script as is miscomputed interface
			identifiers when destroying interfaces. [GL #3061]

5915.	[bug]		Detect missing closing brace (}) and computational
			overflows in $GENERATE directives. [GL #3429]

5913.	[bug]		Fix a race between resolver query timeout and
			validation in resolver.c:validated(). Remove
			resolver.c:maybe_destroy() as it is no loger needed.
			[GL #3398]

5909.	[bug]		The server-side destination port was missing from dnstap
			captures of client traffic. [GL #3309]

5905.	[bug]		When the TCP connection would be closed/reset between
			the connect/accept and the read, the uv_read_start()
			return value would be unexpected and cause an assertion
			failure. [GL #3400]

5903.	[bug]		When named checks that the OPCODE in a response matches
			that of the request, if there is a mismatch named logs
			an error.  Some of those error messages incorrectly
			used RCODE instead of OPCODE to lookup the nemonic.
			This has been corrected. [GL !6420]
   2022-07-19 13:56:01 by Jonathan Perkin | Files touched by this commit (2)
Log message:
bind916: Fix SMF method script.  Bump PKGREVISION.
   2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952)
Log message:
*: recursive bump for perl 5.36
   2022-06-15 16:02:36 by Takahiro Kambe | Files touched by this commit (4) | Package updated
Log message:
net/bind916: update to 9.16.30

	--- 9.16.30 released ---

5899.	[func]		Don't try to process DNSSEC-related and ZONEMD records
			in catz. [GL #3380]

5890.	[bug]		When the fetches-per-server quota was adjusted
			because of an authoritative server timing out more
			or less frequently, it was incorrectly set to 1
			rather than the intended value.  This has been
			fixed. [GL #3327]

5888.	[bug]		Only write key files if the dnssec-policy keymgr has
			changed the metadata. [GL #3302]

5823.	[func]		Replace hazard pointers based lock-free list with
			locked-list based queue that's simpler and has no or
			little performance impact. [GL #3180]
   2022-05-18 17:05:08 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/bind916: update to 9.16.29

This release contains a fix for CVE-2022-1183.

	--- 9.16.29 released ---

5885.	[bug]		RPZ NSIP and NSDNAME rule processing didn't handle stub
			and static-stub zones at or above the query name.  This
			has now been addressed. [GL #3232]

5881.	[bug]		dig +nssearch could hang in rare cases when recv_done()
			callback was being called earlier than send_done().
			[GL #3278]

5880.	[func]		Add new named command-line option -C to print built-in
			defaults. [GL #1326]

5879.	[contrib]	dlz: Add FALLTHROUGH and UNREACHABLE macros. [GL #3306]

5874.	[bug]		keymgr didn't work with python 3.11. [GL !6157]

5866.	[bug]		Work around a jemalloc quirk which could trigger an
			out-of-memory condition in named over time. [GL #3287]

5863.	[bug]		If there was a pending negative cache DS entry,
			validations depending upon it could fail. [GL #3279]

5858.	[bug]		Don't remove CDS/CDNSKEY DELETE records on zone sign
			when using 'auto-dnssec maintain;'. [GL #2931]
   2022-04-21 16:14:46 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
net/bind916: update to 9.16.28

	--- 9.16.28 released ---

5856.	[bug]		The "starting maxtime timer" message related to outgoing
			zone transfers was incorrectly logged at the ERROR level
			instead of DEBUG(1). [GL #3208]

5852.	[func]		Add new "reuseport" option to enable/disable load
			balancing of sockets. [GL #3249]

5843.	[bug]		When an UPDATE targets a zone that is not configured,
			the requested zone name is now logged in the "not
			authoritative" error message, so that it is easier to
			track down problematic update clients. [GL #3209]

5836.	[bug]		Quote the dns64 prefix in error messages that complain
			about problems with it, to avoid confusion with the
			following dns64 ACLs. [GL #3210]

5834.	[cleanup]	C99 variable-length arrays are difficult to use safely,
			so avoid them except in test code. [GL #3201]

5828.	[bug]		Replace single TCP write timer with per-TCP write
			timers. [GL #3200]

5824.	[bug]		Invalid dnssec-policy definitions were being accepted
			where the defined keys did not cover both KSK and ZSK
			roles for a given algorithm.  This is now checked for
			and the dnssec-policy is rejected if both roles are
			not present for all algorithms in use. [GL #3142]
   2022-04-18 21:12:27 by Adam Ciarcinski | Files touched by this commit (1798) | Package updated
Log message:
revbump for textproc/icu update
   2022-04-03 20:50:21 by Adam Ciarcinski | Files touched by this commit (51)
Log message:
revbump for devel/protobuf