From owner-cvs-ports@FreeBSD.ORG  Sat Jul 17 07:54:40 2010
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7FBD6106564A;
	Sat, 17 Jul 2010 07:54:40 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 70A708FC18;
	Sat, 17 Jul 2010 07:54:40 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o6H7seeO005882;
	Sat, 17 Jul 2010 07:54:40 GMT
	(envelope-from dougb@repoman.freebsd.org)
Received: (from dougb@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o6H7seaA005881;
	Sat, 17 Jul 2010 07:54:40 GMT (envelope-from dougb)
Message-Id: <201007170754.o6H7seaA005881@repoman.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Sat, 17 Jul 2010 07:54:40 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/dns/bind97 Makefile distinfo
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jul 2010 07:54:40 -0000

dougb       2010-07-17 07:54:40 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind97           Makefile distinfo 
  Log:
  Updgrade to version 9.7.1-P2 which addresses a DNSSEC-related bug.
  
  If a query is made explicitly for a record of type 'RRSIG' to a validating
  recursive server running BIND 9.7.1 or 9.7.1-P1, and the server has one or
  more trust anchors configured statically and/or via DLV, then if the answer
  is not already in cache, the server enters a loop which repeatedly generates
  queries for RRSIGs to the authoritative servers for the zone containing the
  queried name.
  
  CVE:    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213
  CERT:   http://www.kb.cert.org/vuls/id/211905
  
  Versions affected:      9.7.1, 9.7.1-P1
  Severity:               High
  Exploitable:            remotely
  
  http://www.isc.org/software/bind/advisories/cve-2010-0213
  
  Revision  Changes    Path
  1.10      +2 -2      ports/dns/bind97/Makefile
  1.8       +6 -6      ports/dns/bind97/distinfo