From owner-freebsd-ports@freebsd.org  Sun Oct 20 10:07:52 2019
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 662B915A712
 for <freebsd-ports@mailman.nyi.freebsd.org>;
 Sun, 20 Oct 2019 10:07:52 +0000 (UTC)
 (envelope-from koobs.freebsd@gmail.com)
Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com
 [IPv6:2607:f8b0:4864:20::62c])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46wwSR2XScz4Zsp
 for <freebsd-ports@freebsd.org>; Sun, 20 Oct 2019 10:07:51 +0000 (UTC)
 (envelope-from koobs.freebsd@gmail.com)
Received: by mail-pl1-x62c.google.com with SMTP id s17so5058946plp.6
 for <freebsd-ports@freebsd.org>; Sun, 20 Oct 2019 03:07:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=sender:reply-to:subject:to:cc:references:from:message-id:date
 :user-agent:mime-version:in-reply-to:content-language
 :content-transfer-encoding;
 bh=Eya3KPQAdywuwYLr9BsBC8Av66tLx65uTrYuYWG/BDM=;
 b=NQPjLoUYQ5IypDYmUvdC/euM/q9P/llfvrMe0PudYH0WeMOKkEYCjlkcTFmgk9Qh6B
 xl0WoMpSlrVL0CRFy83aPDacF9fwSaR1MeSfWNeDKgNorcNg+Hwk1/7BJd0N/Kdafla7
 lQ1Ol/EmAxTATh3eLXgS2JIRJawRG9V3DS/8C6s+NapI2X77DpCpjpcHN8gLXwEvFNpN
 9drnz5DSEuiV2a032D4bNMcmbJ7JEGcBMlcYSt57LX2aQ8FsHgG8Jc970SGaO2+vzGa8
 YxewJSP5d/eYLv3GLpESdX3MgFdBiUbfclRvWtEiaPTW1hLuEz6vq/fBnaDguYKU+FsM
 GzAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:reply-to:subject:to:cc:references:from
 :message-id:date:user-agent:mime-version:in-reply-to
 :content-language:content-transfer-encoding;
 bh=Eya3KPQAdywuwYLr9BsBC8Av66tLx65uTrYuYWG/BDM=;
 b=e+fJ5d320jAHIzHv0DiyyJXM4/AloOB3b6wlZg6RXEKoDrITPxUHlVlkCs+cBWDSdv
 eoovw7eRZnewbjx+1KtsqIXq6janKfDpxAsx57H/eQmAtunkZZT3wzEDIwNc4bcH+R3T
 Fyh1Fo0z8uM3Nl4+qjsDy1fYS/1eIl74+4RdKSXwsnojJif5GqE/xmHFVlf0Ujfan+yY
 eE7MK4GVNgBxEB9xCMwfJUXj3mZBa8jTyViWZ/DYtoGBoBaZYBhCyiNAU/mBG83+ECmV
 TJMtL5h6HJSTQOCjTUKaBDbyTd75Uw33UvBcv7GI+SCOdBuvivIPdzXO5C07LZPU+6Aq
 pGrg==
X-Gm-Message-State: APjAAAXVgOrPunLCD3evgwQlkF3ZenpR3PzBI1ZwloRM87P+57OR3+PX
 +JNFktW9H6OKrdVeOYhgpIX5HNEI
X-Google-Smtp-Source: APXvYqwvqd3XKEbXrFfjUs/pafYWXl2bcxE4ed12hDeNwjtOTb64jscMtoZsVilLSiqyKvOA9dff6Q==
X-Received: by 2002:a17:902:5a06:: with SMTP id
 q6mr2160411pli.246.1571566069288; 
 Sun, 20 Oct 2019 03:07:49 -0700 (PDT)
Received: from [192.168.1.110] (180-150-68-130.b49644.syd.nbn.aussiebb.net.
 [180.150.68.130])
 by smtp.gmail.com with ESMTPSA id j128sm13323456pfg.51.2019.10.20.03.07.47
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Sun, 20 Oct 2019 03:07:48 -0700 (PDT)
Sender: Kubilay Kocak <koobs.freebsd@gmail.com>
Reply-To: koobs@FreeBSD.org
Subject: Re: dns/bind911 and 2019Q4 branch
To: Andrea Venturoli <ml@netfence.it>
Cc: freebsd-ports@freebsd.org
References: <0397b89c-284a-2407-3b39-f4be96286475@netfence.it>
 <20191020092616.uz2y44snsbbzu44q@atuin.in.mat.cc>
 <b99be952-640d-797b-a3c3-4139914c9b0d@netfence.it>
From: Kubilay Kocak <koobs@FreeBSD.org>
Message-ID: <72f8a61f-94a1-3b9d-e2f3-8b6863eeaec6@FreeBSD.org>
Date: Sun, 20 Oct 2019 21:07:44 +1100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101
 Thunderbird/70.0
MIME-Version: 1.0
In-Reply-To: <b99be952-640d-797b-a3c3-4139914c9b0d@netfence.it>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 46wwSR2XScz4Zsp
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=NQPjLoUY;
 dmarc=none;
 spf=pass (mx1.freebsd.org: domain of koobsfreebsd@gmail.com designates
 2607:f8b0:4864:20::62c as permitted sender)
 smtp.mailfrom=koobsfreebsd@gmail.com
X-Spamd-Result: default: False [-4.90 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 HAS_REPLYTO(0.00)[koobs@FreeBSD.org]; TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c];
 REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[3];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 FORGED_SENDER(0.30)[koobs@FreeBSD.org,koobsfreebsd@gmail.com];
 IP_SCORE(-2.70)[ip: (-8.89), ipnet: 2607:f8b0::/32(-2.45), asn: 15169(-2.08),
 country: US(-0.05)]; MIME_TRACE(0.00)[0:+];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 FROM_NEQ_ENVFROM(0.00)[koobs@FreeBSD.org,koobsfreebsd@gmail.com];
 MID_RHS_MATCH_FROM(0.00)[];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; TAGGED_FROM(0.00)[];
 FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org];
 DMARC_NA(0.00)[FreeBSD.org]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[c.2.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org
 : 127.0.5.0]; RCVD_TLS_ALL(0.00)[]
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Oct 2019 10:07:52 -0000

On 20/10/2019 8:50 pm, Andrea Venturoli wrote:
> On 2019-10-20 11:26, Mathieu Arnold wrote:
> 
>> The ISC was very clear in that this update[1] is not a security related
>> release, so I have absolutely no plan to merge it.
>>
>> 1: https://lists.isc.org/pipermail/bind-announce/2019-October/001139.html
>>
> 
> Sorry, I had already opened the bug as Kubilay suggested; fell free to 
> close it, then.
> 
> 
> 
> I'm confused though, since the link you posted says:
>> To clarify, BIND 9.11.12 is not a security release, but BIND 9.14.7 and
>> 9.15.5 are.
>>
>> The two CVEs disclosed today affect only BIND 9.14 and 9.15; the BIND
>> 9.11 branch is not vulnerable.
> 
> But on the release notes for 9.14 there are *3* CVEs and one 
> (CVE-2019-6471) is also listed in the release notes for 9.11.
> 
> ???
> 
>   bye & Thanks
>      av.


All done (issue closed).

Thank you for raising the question and asking though Andrea, many 
security updates are in fact missed, and don't end up in quarterly branches.

Users can help us by identify things that slip through the cracks and 
reporting those issues, and requesting merges where they are necessary