cvs commit: ports/dns/bind97 Makefile distinfo pkg-install

Doug Barton dougb at
Fri Dec 3 22:39:45 UTC 2010

dougb       2010-12-03 22:39:44 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind97           Makefile distinfo 
  Added files:
    dns/bind97           pkg-install 
  Update to version 9.7.2-P3, the latest from ISC, which addresses
  the following security vulnerabilities.
  For more information regarding these issues please see:
  1. Cache incorrectly allows ncache and rrsig for the same type
     Affects resolver operators whose servers are open to potential
     attackers. Triggering the bug will cause the server to crash.
     This bug applies even if you do not have DNSSEC enabled.
  2. Using "allow-query" in the "options" or "view" statements to
     restrict access to authoritative zones has no effect.
     Affects authoritative server operators who wish to generally
     restrict queries to their authoritative zones, and are running
     9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized
     end users to receive answers to queries they should not.
  3. Key algorithm rollover
     Affects resolver operators who have 9.7.2-P2 installed,
     are validating with DNSSEC, and querying zones which are
     in a key rollover period. The bug will cause answers to
     incorrectly be marked as insecure.
  For the port:
  1. Add CONFLICT for the ../bind-tools port
  2. Switch to pkg-install to create the symlinks to /etc/namedb/ as
     requested in [1]
  PR:             ports/151635 [1]
  Submitted by:   Benjamin Lee <ben at> [1]
  Revision  Changes    Path
  1.13      +4 -8      ports/dns/bind97/Makefile
  1.11      +4 -4      ports/dns/bind97/distinfo
  1.1       +13 -0     ports/dns/bind97/pkg-install (new)

More information about the cvs-all mailing list