cvs commit: ports/dns/bind97 Makefile distinfo pkg-install
dougb at FreeBSD.org
Fri Dec 3 22:39:45 UTC 2010
dougb 2010-12-03 22:39:44 UTC
FreeBSD ports repository
dns/bind97 Makefile distinfo
Update to version 9.7.2-P3, the latest from ISC, which addresses
the following security vulnerabilities.
For more information regarding these issues please see:
1. Cache incorrectly allows ncache and rrsig for the same type
Affects resolver operators whose servers are open to potential
attackers. Triggering the bug will cause the server to crash.
This bug applies even if you do not have DNSSEC enabled.
2. Using "allow-query" in the "options" or "view" statements to
restrict access to authoritative zones has no effect.
Affects authoritative server operators who wish to generally
restrict queries to their authoritative zones, and are running
9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized
end users to receive answers to queries they should not.
3. Key algorithm rollover
Affects resolver operators who have 9.7.2-P2 installed,
are validating with DNSSEC, and querying zones which are
in a key rollover period. The bug will cause answers to
incorrectly be marked as insecure.
For the port:
1. Add CONFLICT for the ../bind-tools port
2. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in 
PR: ports/151635 
Submitted by: Benjamin Lee <ben at b1c1l1.com> 
Revision Changes Path
1.13 +4 -8 ports/dns/bind97/Makefile
1.11 +4 -4 ports/dns/bind97/distinfo
1.1 +13 -0 ports/dns/bind97/pkg-install (new)
More information about the cvs-all