From owner-cvs-all@FreeBSD.ORG  Tue Jul 24 22:02:17 2007
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 291A216A418;
	Tue, 24 Jul 2007 22:02:17 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 1C50213C48E;
	Tue, 24 Jul 2007 22:02:17 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l6OM2GKw003944;
	Tue, 24 Jul 2007 22:02:16 GMT
	(envelope-from dougb@repoman.freebsd.org)
Received: (from dougb@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l6OM2GIb003943;
	Tue, 24 Jul 2007 22:02:16 GMT (envelope-from dougb)
Message-Id: <200707242202.l6OM2GIb003943@repoman.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Tue, 24 Jul 2007 22:02:16 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/dns/bind94 Makefile distinfo
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jul 2007 22:02:17 -0000

dougb       2007-07-24 22:02:16 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind94           Makefile distinfo 
  Log:
  Update to 9.4.1-P1, which has fixes for the following:
  
  1. The default access control lists (acls) are not being
  correctly set. If not set anyone can make recursive queries
  and/or query the cache contents.
  
  See also:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
  
  2. The DNS query id generation is vulnerable to cryptographic
  analysis which provides a 1 in 8 chance of guessing the next
  query id for 50% of the query ids. This can be used to perform
  cache poisoning by an attacker.
  
  This bug only affects outgoing queries, generated by BIND 9 to
  answer questions as a resolver, or when it is looking up data
  for internal uses, such as when sending NOTIFYs to slave name
  servers.
  
  All users are encouraged to upgrade.
  
  See also:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
  
  Revision  Changes    Path
  1.80      +2 -2      ports/dns/bind94/Makefile
  1.45      +6 -6      ports/dns/bind94/distinfo