cvs commit: ports/dns/bind94 Makefile distinfo ports/dns/bind95 Makefile distinfo ports/dns/bind96 Makefile distinfo

Doug Barton dougb at
Mon Jan 25 00:25:09 UTC 2010

dougb       2010-01-25 00:25:08 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind94           Makefile distinfo 
    dns/bind95           Makefile distinfo 
    dns/bind96           Makefile distinfo 
  Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address
  the following vulnerabilities:
  BIND 9 Cache Update from Additional Section
  A nameserver with DNSSEC validation enabled may incorrectly add
  unauthenticated records to its cache that are received during the
  resolution of a recursive client query
  BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
  There was an error in the DNSSEC NSEC/NSEC3 validation code that could
  cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
  proven by NSEC or NSEC3 to exist) to be cached as if they had validated
  These issues only affect systems with DNSSEC validation enabled.
  Revision  Changes    Path
  1.103     +2 -2      ports/dns/bind94/Makefile
  1.58      +6 -9      ports/dns/bind94/distinfo
  1.107     +2 -2      ports/dns/bind95/Makefile
  1.59      +6 -6      ports/dns/bind95/distinfo
  1.107     +2 -2      ports/dns/bind96/Makefile
  1.60      +6 -6      ports/dns/bind96/distinfo

More information about the cvs-all mailing list