Subject: CVS commit: pkgsrc/net/bind99
From: Takahiro Kambe
Date: 2017-04-13 03:53:35
Message id: 20170413015335.F1809FBE4@cvs.NetBSD.org

Log Message:
Update bind99 to 9.9.9pl8 (BIND 9.9.9-P8).

Quote from release announce:

   BIND 9.9.9-P8 addresses the security issues described in CVE-2017-3136,
   CVE-2017-3137, and CVE-2017-3138, and updates the built-in trusted keys
   for the root zone.

Quote from CHANGELOG:

	--- 9.9.9-P8 released ---

4582.	[security]	'rndc ""' could trigger a assertion failure in named.
			(CVE-2017-3138) [RT #44924]

4580.	[bug]		4578 introduced a regression when handling CNAME to
			referral below the current domain. [RT #44850]

	--- 9.9.9-P7 released ---

4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]

4575.	[security]	DNS64 with "break-dnssec yes;" can result in an
			assertion failure. (CVE-2017-3136) [RT #44653]

4564.	[maint]		Update the built in managed keys to include the
			upcoming root KSK. [RT #44579]

Files:
RevisionActionfile
1.66modifypkgsrc/net/bind99/Makefile
1.44modifypkgsrc/net/bind99/distinfo