From owner-cvs-ports@FreeBSD.ORG  Fri May 27 23:47:39 2011
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id AA0F91065676;
	Fri, 27 May 2011 23:47:39 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 991588FC1E;
	Fri, 27 May 2011 23:47:39 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.4/8.14.4) with ESMTP id p4RNldRI036813;
	Fri, 27 May 2011 23:47:39 GMT
	(envelope-from dougb@repoman.freebsd.org)
Received: (from dougb@localhost)
	by repoman.freebsd.org (8.14.4/8.14.4/Submit) id p4RNldR0036812;
	Fri, 27 May 2011 23:47:39 GMT (envelope-from dougb)
Message-Id: <201105272347.p4RNldR0036812@repoman.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Fri, 27 May 2011 23:47:39 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/dns/bind96 Makefile distinfo
 ports/dns/bind96/files patch-bin__nsupdate__nsupdate.c ports/dns/bind97
 Makefile distinfo ports/dns/bind97/files
 patch-bin__nsupdate__nsupdate.c
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 May 2011 23:47:39 -0000

dougb       2011-05-27 23:47:39 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind96           Makefile distinfo 
    dns/bind97           Makefile distinfo 
  Added files:
    dns/bind96/files     patch-bin__nsupdate__nsupdate.c 
    dns/bind97/files     patch-bin__nsupdate__nsupdate.c 
  Log:
  Upgrade to 9.6-ESV-R4-P1 and 9.7.3-P1, which address the following issues:
  
  1. Very large RRSIG RRsets included in a negative cache can trigger
  an assertion failure that will crash named (BIND 9 DNS) due to an
  off-by-one error in a buffer size check.
  
  This bug affects all resolving name servers, whether DNSSEC validation
  is enabled or not, on all BIND versions prior to today. There is a
  possibility of malicious exploitation of this bug by remote users.
  
  2. Named could fail to validate zones listed in a DLV that validated
  insecure without using DLV and had DS records in the parent zone.
  
  Add a patch provided by ru@ and confirmed by ISC to fix a crash at
  shutdown time when a SIG(0) key is being used.
  
  Revision  Changes    Path
  1.115     +2 -2      ports/dns/bind96/Makefile
  1.67      +4 -4      ports/dns/bind96/distinfo
  1.1       +14 -0     ports/dns/bind96/files/patch-bin__nsupdate__nsupdate.c (new)
  1.16      +1 -1      ports/dns/bind97/Makefile
  1.13      +4 -4      ports/dns/bind97/distinfo
  1.1       +14 -0     ports/dns/bind97/files/patch-bin__nsupdate__nsupdate.c (new)