Date: Thu, 9 Dec 2010 21:11:53 +0000 (UTC) From: Doug Barton <dougb@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/contrib/bind9 CHANGES RELEASE-NOTES-BIND-9.4-ESV.html RELEASE-NOTES-BIND-9.4-ESV.pdf RELEASE-NOTES-BIND-9.4-ESV.txt release-notes.css version src/contrib/bind9/bin/named query.c src/contrib/bind9/doc/draft draft-ietf-behave-dns64-10.txt draft-ietf-behave-dns64-11.txt ... Message-ID: <201012092112.oB9LC6X5051216@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
dougb 2010-12-09 21:11:53 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_7)
contrib/bind9 CHANGES version
contrib/bind9/bin/named query.c
contrib/bind9/lib/dns api rbtdb.c validator.c
contrib/bind9/lib/dns/include/dns db.h
contrib/bind9/lib/isc api print.c
Added files: (Branch: RELENG_7)
contrib/bind9 RELEASE-NOTES-BIND-9.4-ESV.html
RELEASE-NOTES-BIND-9.4-ESV.pdf
RELEASE-NOTES-BIND-9.4-ESV.txt
release-notes.css
contrib/bind9/doc/draft draft-ietf-behave-dns64-11.txt
draft-ietf-dnsext-dnssec-bis-updates-12.txt
Removed files: (Branch: RELENG_7)
contrib/bind9/doc/draft draft-ietf-behave-dns64-10.txt
draft-ietf-dnsext-dnssec-bis-updates-10.txt
Log:
SVN rev 216336 on 2010-12-09 21:11:53Z by dougb
MFV: vendor/bind9/dist-9.4
Update to version 9.4-ESV-R4, the latest from ISC, which addresses
the following security vulnerabilities.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
1. Cache incorrectly allows ncache and rrsig for the same type
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
Affects resolver operators whose servers are open to potential
attackers. Triggering the bug will cause the server to crash.
This bug applies even if you do not have DNSSEC enabled.
2. Key algorithm rollover
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
Affects resolver operators who are validating with DNSSEC, and
querying zones which are in a key rollover period. The bug will
cause answers to incorrectly be marked as insecure.
Approved by: re (kib)
Revision Changes Path
1.1.1.10.2.12 +27 -0 src/contrib/bind9/CHANGES
1.1.2.1 +123 -0 src/contrib/bind9/RELEASE-NOTES-BIND-9.4-ESV.html (new)
1.1.2.1 +232 -0 src/contrib/bind9/RELEASE-NOTES-BIND-9.4-ESV.pdf (new)
1.1.2.1 +70 -0 src/contrib/bind9/RELEASE-NOTES-BIND-9.4-ESV.txt (new)
1.1.1.6.2.6 +5 -3 src/contrib/bind9/bin/named/query.c
1.1.2.2 +0 -1736 src/contrib/bind9/doc/draft/draft-ietf-behave-dns64-10.txt (dead)
1.1.2.1 +1792 -0 src/contrib/bind9/doc/draft/draft-ietf-behave-dns64-11.txt (new)
1.1.2.2 +0 -785 src/contrib/bind9/doc/draft/draft-ietf-dnsext-dnssec-bis-updates-10.txt (dead)
1.1.2.1 +785 -0 src/contrib/bind9/doc/draft/draft-ietf-dnsext-dnssec-bis-updates-12.txt (new)
1.1.1.6.2.8 +1 -1 src/contrib/bind9/lib/dns/api
1.1.1.2.2.3 +15 -9 src/contrib/bind9/lib/dns/include/dns/db.h
1.1.1.4.2.6 +28 -12 src/contrib/bind9/lib/dns/rbtdb.c
1.1.1.6.2.9 +47 -11 src/contrib/bind9/lib/dns/validator.c
1.1.1.5.2.5 +1 -1 src/contrib/bind9/lib/isc/api
1.1.1.3.2.2 +3 -3 src/contrib/bind9/lib/isc/print.c
1.1.4.2 +60 -0 src/contrib/bind9/release-notes.css (new)
1.1.1.10.2.12 +2 -2 src/contrib/bind9/version
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012092112.oB9LC6X5051216>