Subject: CVS commit: [pkgsrc-2012Q3] pkgsrc/net/bind96
From: Matthias Scheler
Date: 2012-10-10 14:33:06
Message id: 20121010123306.AF349175DD@cvs.netbsd.org

Log Message:
Pullup ticket #3941 - requested by taca
net/bind96: security update

Revisions pulled up:
- net/bind96/Makefile                                           1.31-1.32
- net/bind96/distinfo                                           1.21

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Oct  3 21:59:10 UTC 2012

   Modified Files:
   	pkgsrc/net/bind96: Makefile

   Log Message:
   Bump all packages that use perl, or depend on a p5-* package, or
   are called p5-*.

   I hope that's all of them.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Oct 10 03:04:57 UTC 2012

   Modified Files:
   	pkgsrc/net/bind96: Makefile distinfo

   Log Message:
   Update bind96 to 9.6.3.1.ESV.7pl4 (BIND 9.6-ESV-R7-P4).

   Here are change changes from release note.  Note security fixes except
   CVE-2012-5166 should be already fixed in previous version of bind96 package.

   Please refer https://kb.isc.org/article/AA-00795 for list of full bug fixes.

   Security Fixes

   * A deliberately constructed combination of records could cause named to hang
     while populating the additional section of a response. [CVE-2012-5166] [RT
     #31090]
   * Prevents a named assert (crash) when queried for a record whose RDATA
     exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
   * Prevents a named assert (crash) when validating caused by using "Bad \ 
cache"
     data before it has been initialized. [CVE-2012-3817] [RT #30025]
   * A condition has been corrected where improper handling of zero-length RDATA
     could cause undesirable behavior, including termination of the named
     process. [CVE-2012-1667] [RT #29644]

   New Features

     None

   Feature Changes

   * Improves OpenSSL error logging [RT #29932]
   * nslookup now returns a nonzero exit code when it is unable to get an answer.
     [RT #29492]

Files:
RevisionActionfile
1.30.2.1modifypkgsrc/net/bind96/Makefile
1.20.2.1modifypkgsrc/net/bind96/distinfo