FreeBSD Mail Archives

Date:      Sun, 7 Feb 2010 20:28:24 +0000 (UTC)
From:      Doug Barton <dougb@FreeBSD.org>
To:        cvs-src-old@freebsd.org
Subject:   cvs commit: src/contrib/bind9 CHANGES FAQ FAQ.xml version src/contrib/bind9/bin/dnssec dnssec-signzone.8 dnssec-signzone.html src/contrib/bind9/bin/named query.c src/contrib/bind9/doc/arm Bv9ARM.pdf man.dnssec-signzone.html man.named-checkconf.html ...
Message-ID:  <201002072028.o17KSuLL077289@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help


dougb       2010-02-07 20:28:24 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_8)
    contrib/bind9        CHANGES FAQ FAQ.xml version 
    contrib/bind9/bin/dnssec dnssec-signzone.8 
                             dnssec-signzone.html 
    contrib/bind9/bin/named query.c 
    contrib/bind9/doc/arm Bv9ARM.pdf man.dnssec-signzone.html 
                          man.named-checkconf.html 
                          man.named-checkzone.html man.named.html 
                          man.nsupdate.html man.rndc-confgen.html 
                          man.rndc.conf.html man.rndc.html 
    contrib/bind9/lib/dns rbtdb.c resolver.c validator.c 
    contrib/bind9/lib/dns/include/dns db.h ncache.h types.h 
    contrib/bind9/lib/lwres/man lwres.html lwres_buffer.html 
                                lwres_config.html 
                                lwres_context.html lwres_gabn.html 
                                lwres_gai_strerror.html 
                                lwres_getaddrinfo.html 
                                lwres_gethostent.html 
                                lwres_getipnode.html 
                                lwres_getnameinfo.html 
                                lwres_getrrsetbyname.html 
                                lwres_gnba.html 
                                lwres_hstrerror.html 
                                lwres_inetntop.html 
                                lwres_noop.html lwres_packet.html 
                                lwres_resutil.html 
  Log:
  SVN rev 203635 on 2010-02-07 20:28:24Z by dougb
  
  MFC 202961:
  
  Upgrade to BIND 9.6.1-P3.
  
  This version address the following vulnerabilities:
  
  BIND 9 Cache Update from Additional Section
  https://www.isc.org/advisories/CVE-2009-4022v6
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
  A nameserver with DNSSEC validation enabled may incorrectly add
  unauthenticated records to its cache that are received during the
  resolution of a recursive client query
  
  BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
  https://www.isc.org/advisories/CVE-2010-0097
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
  There was an error in the DNSSEC NSEC/NSEC3 validation code that could
  cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
  proven by NSEC or NSEC3 to exist) to be cached as if they had validated
  correctly
  
  These issues only affect systems with DNSSEC validation enabled.
  
  Revision  Changes      Path
  1.9.2.2   +12 -0       src/contrib/bind9/CHANGES
  1.3.2.1   +17 -12      src/contrib/bind9/FAQ
  1.3.2.1   +18 -13      src/contrib/bind9/FAQ.xml
  1.4.2.1   +229 -105    src/contrib/bind9/bin/dnssec/dnssec-signzone.8
  1.4.2.1   +8 -8        src/contrib/bind9/bin/dnssec/dnssec-signzone.html
  1.3.2.2   +7 -47       src/contrib/bind9/bin/named/query.c
  1.4.2.1   +7344 -7152  src/contrib/bind9/doc/arm/Bv9ARM.pdf
  1.4.2.1   +8 -8        src/contrib/bind9/doc/arm/man.dnssec-signzone.html
  1.4.2.1   +6 -6        src/contrib/bind9/doc/arm/man.named-checkconf.html
  1.4.2.1   +6 -6        src/contrib/bind9/doc/arm/man.named-checkzone.html
  1.4.2.1   +8 -8        src/contrib/bind9/doc/arm/man.named.html
  1.2.2.1   +7 -7        src/contrib/bind9/doc/arm/man.nsupdate.html
  1.4.2.1   +6 -6        src/contrib/bind9/doc/arm/man.rndc-confgen.html
  1.4.2.1   +6 -6        src/contrib/bind9/doc/arm/man.rndc.conf.html
  1.4.2.1   +6 -6        src/contrib/bind9/doc/arm/man.rndc.html
  1.2.2.1   +10 -9       src/contrib/bind9/lib/dns/include/dns/db.h
  1.2.2.1   +2 -2        src/contrib/bind9/lib/dns/include/dns/ncache.h
  1.2.2.2   +3 -1        src/contrib/bind9/lib/dns/include/dns/types.h
  1.3.2.2   +3 -1        src/contrib/bind9/lib/dns/rbtdb.c
  1.6.2.2   +13 -23      src/contrib/bind9/lib/dns/resolver.c
  1.4.2.2   +7 -7        src/contrib/bind9/lib/dns/validator.c
  1.2.2.1   +7 -7        src/contrib/bind9/lib/lwres/man/lwres.html
  1.2.2.1   +3 -3        src/contrib/bind9/lib/lwres/man/lwres_buffer.html
  1.2.2.1   +6 -6        src/contrib/bind9/lib/lwres/man/lwres_config.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_context.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_gabn.html
  1.2.2.1   +4 -4        src/contrib/bind9/lib/lwres/man/lwres_gai_strerror.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html
  1.2.2.1   +6 -6        src/contrib/bind9/lib/lwres/man/lwres_gethostent.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_getipnode.html
  1.2.2.1   +6 -6        src/contrib/bind9/lib/lwres/man/lwres_getnameinfo.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_gnba.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_hstrerror.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_inetntop.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_noop.html
  1.2.2.1   +4 -4        src/contrib/bind9/lib/lwres/man/lwres_packet.html
  1.2.2.1   +5 -5        src/contrib/bind9/lib/lwres/man/lwres_resutil.html
  1.9.2.2   +2 -2        src/contrib/bind9/version

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201002072028.o17KSuLL077289>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation