From owner-cvs-all@FreeBSD.ORG Fri Jan 28 20:47:45 2005 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3413D16A4CE; Fri, 28 Jan 2005 20:47:45 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2044543D2F; Fri, 28 Jan 2005 20:47:45 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j0SKlju2056579; Fri, 28 Jan 2005 20:47:45 GMT (envelope-from dougb@repoman.freebsd.org) Received: (from dougb@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j0SKljjP056578; Fri, 28 Jan 2005 20:47:45 GMT (envelope-from dougb) Message-Id: <200501282047.j0SKljjP056578@repoman.freebsd.org> From: Doug Barton Date: Fri, 28 Jan 2005 20:47:44 +0000 (UTC) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Subject: cvs commit: ports/dns/bind9 Makefile distinfo X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jan 2005 20:47:45 -0000 dougb 2005-01-28 20:47:44 UTC FreeBSD ports repository Modified files: dns/bind9 Makefile distinfo Log: Include a patch from ISC to deal with the following vulnerability: Name: BIND: Self Check Failing [Added 2005.25.01] Versions affected: BIND 9.3.0 Severity: LOW Exploitable: Remotely Type: Denial of Service Description: An incorrect assumption in the validator (authvalidated) can result in a REQUIRE (internal consistancy) test failing and named exiting. Workarounds: Turn off dnssec validation (off by default) at the options/view level. dnssec-enable no; Active Exploits: None known Bump PORTREVISION accordingly. It should be noted that the vast majority of users would not have DNSSEC enabled, and therefore are not vulnerable to this bug. Revision Changes Path 1.61 +9 -1 ports/dns/bind9/Makefile 1.34 +4 -0 ports/dns/bind9/distinfo