From owner-cvs-src-old@FreeBSD.ORG Wed Jul 6 00:51:07 2011 Return-Path: Delivered-To: cvs-src-old@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B301E106564A for ; Wed, 6 Jul 2011 00:51:07 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 856148FC20 for ; Wed, 6 Jul 2011 00:51:07 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.4/8.14.4) with ESMTP id p660p74n048484 for ; Wed, 6 Jul 2011 00:51:07 GMT (envelope-from dougb@repoman.freebsd.org) Received: (from svn2cvs@localhost) by repoman.freebsd.org (8.14.4/8.14.4/Submit) id p660p7Xm048483 for cvs-src-old@freebsd.org; Wed, 6 Jul 2011 00:51:07 GMT (envelope-from dougb@repoman.freebsd.org) Message-Id: <201107060051.p660p7Xm048483@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to dougb@repoman.freebsd.org using -f From: Doug Barton Date: Wed, 6 Jul 2011 00:50:54 +0000 (UTC) To: cvs-src-old@freebsd.org X-FreeBSD-CVS-Branch: RELENG_8 Subject: cvs commit: src/contrib/bind9 CHANGES version src/contrib/bind9/bin/named bind9.xsl.h src/contrib/bind9/lib/dns api masterdump.c message.c ncache.c rbtdb.c rdataset.c resolver.c validator.c src/contrib/bind9/lib/dns/include/dns masterdump.h ... X-BeenThere: cvs-src-old@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: **OBSOLETE** CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 00:51:07 -0000 dougb 2011-07-06 00:50:54 UTC FreeBSD src repository Modified files: (Branch: RELENG_8) contrib/bind9 CHANGES version contrib/bind9/bin/named bind9.xsl.h contrib/bind9/lib/dns api masterdump.c message.c ncache.c rbtdb.c rdataset.c resolver.c validator.c contrib/bind9/lib/dns/include/dns masterdump.h rdataset.h Log: SVN rev 223815 on 2011-07-06 00:50:54Z by dougb Update to version 9.6-ESV-R4-P3 ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY This update addresses the following vulnerability: CVE-2011-2464 ============= Severity: High Exploitable: Remotely Description: A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 https://www.isc.org/software/bind/advisories/cve-2011-2464 Revision Changes Path 1.9.2.9 +13 -0 src/contrib/bind9/CHANGES 1.1.2.1 +3 -3 src/contrib/bind9/bin/named/bind9.xsl.h 1.7.2.8 +1 -1 src/contrib/bind9/lib/dns/api 1.2.2.2 +2 -2 src/contrib/bind9/lib/dns/include/dns/masterdump.h 1.2.2.5 +3 -2 src/contrib/bind9/lib/dns/include/dns/rdataset.h 1.3.2.4 +15 -17 src/contrib/bind9/lib/dns/masterdump.c 1.3.2.3 +7 -7 src/contrib/bind9/lib/dns/message.c 1.2.2.5 +7 -2 src/contrib/bind9/lib/dns/ncache.c 1.3.2.7 +26 -14 src/contrib/bind9/lib/dns/rbtdb.c 1.2.2.5 +3 -3 src/contrib/bind9/lib/dns/rdataset.c 1.6.2.6 +8 -7 src/contrib/bind9/lib/dns/resolver.c 1.4.2.9 +6 -4 src/contrib/bind9/lib/dns/validator.c 1.9.2.9 +2 -2 src/contrib/bind9/version