Path to this page:
Subject: CVS commit: [pkgsrc-2011Q2] pkgsrc/net/bind96
From: Matthias Scheler
Date: 2011-08-22 23:39:00
Message id: 20110822213900.8952E175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3508 - requested by taca
net/bind96: security update
Revisions pulled up:
- net/bind96/Makefile 1.20
- net/bind96/PLIST 1.8
- net/bind96/distinfo 1.13
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 10 15:24:51 UTC 2011
Modified Files:
pkgsrc/net/bind96: Makefile PLIST distinfo
Log Message:
Update bind96 pacakge to 9.6.3.1.ESV.5 (9.6-ESV-R5).
For full changes, please refer:
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
New Features
9.6-ESV-R5
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
Security Fixes
9.6-ESV-R5
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.6-ESV-R5
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
Files: