git: 073246403c21 - 2026Q1 - dns/bind9-devel: update to 9.21.20

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Mathieu Arnold <mat_at_FreeBSD.org>
Date: Wed, 25 Mar 2026 16:53:07 UTC
The branch 2026Q1 has been updated by mat:

URL: https://cgit.FreeBSD.org/ports/commit/?id=073246403c21c3e45572ff9606857e6da6df9dfb

commit 073246403c21c3e45572ff9606857e6da6df9dfb
Author:     Mathieu Arnold <mat@FreeBSD.org>
AuthorDate: 2026-03-25 14:21:45 +0000
Commit:     Mathieu Arnold <mat@FreeBSD.org>
CommitDate: 2026-03-25 16:52:40 +0000

    dns/bind9-devel: update to 9.21.20
    
    Changes:        https://downloads.isc.org/isc/bind9/9.21.20/doc/arm/html/notes.html#notes-for-bind-9-21-20
    Security:       CVE-2026-1519, CVE-2026-3104, CVE-2026-3119, CVE-2026-3591
    (cherry picked from commit 073923504740520d94fbcdd571d111f177112cbd)
---
 dns/bind-tools/pkg-plist-devel                     | 10 ++++-----
 dns/bind9-devel/Makefile                           |  2 +-
 dns/bind9-devel/distinfo                           |  6 ++---
 .../files/extrapatch-bind-min-override-ttl         | 26 +++++++++++-----------
 dns/bind9-devel/pkg-plist                          | 10 ++++-----
 5 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/dns/bind-tools/pkg-plist-devel b/dns/bind-tools/pkg-plist-devel
index 0ef0a97af521..514546c60b3b 100644
--- a/dns/bind-tools/pkg-plist-devel
+++ b/dns/bind-tools/pkg-plist-devel
@@ -18,11 +18,11 @@ bin/named-rrchecker
 bin/nsec3hash
 bin/nslookup
 bin/nsupdate
-lib/bind-tools/libdns-9.21.19.so
-lib/bind-tools/libisc-9.21.19.so
-lib/bind-tools/libisccc-9.21.19.so
-lib/bind-tools/libisccfg-9.21.19.so
-lib/bind-tools/libns-9.21.19.so
+lib/bind-tools/libdns-9.21.20.so
+lib/bind-tools/libisc-9.21.20.so
+lib/bind-tools/libisccc-9.21.20.so
+lib/bind-tools/libisccfg-9.21.20.so
+lib/bind-tools/libns-9.21.20.so
 share/man/man1/arpaname.1.gz
 share/man/man1/delv.1.gz
 share/man/man1/dig.1.gz
diff --git a/dns/bind9-devel/Makefile b/dns/bind9-devel/Makefile
index a82ca70dd6ea..61ee48d1039f 100644
--- a/dns/bind9-devel/Makefile
+++ b/dns/bind9-devel/Makefile
@@ -1,7 +1,7 @@
 # pkg-help formatted with fmt 59 63
 
 PORTNAME=	bind
-DISTVERSION=	9.21.19
+DISTVERSION=	9.21.20
 .if defined(BIND_TOOLS_SLAVE)
 # dns/bind-tools here
 PORTREVISION=	0
diff --git a/dns/bind9-devel/distinfo b/dns/bind9-devel/distinfo
index 3e823806d386..f5cbfd7cff18 100644
--- a/dns/bind9-devel/distinfo
+++ b/dns/bind9-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1772304413
-SHA256 (bind-9.21.19.tar.xz) = dcc94c5f5baf1214fee11c578bf37edf314e7761d3bff5ed5f4b439d56dd56dc
-SIZE (bind-9.21.19.tar.xz) = 5320236
+TIMESTAMP = 1774448037
+SHA256 (bind-9.21.20.tar.xz) = a812f70cf537017176e361e0459c5e92f0fa9627a336edf153c30801326f7f6b
+SIZE (bind-9.21.20.tar.xz) = 5328196
diff --git a/dns/bind9-devel/files/extrapatch-bind-min-override-ttl b/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
index b2a6b5517238..54cea44e6716 100644
--- a/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
@@ -1,8 +1,8 @@
 Add the override-cache-ttl feature.
 
---- bin/include/defaultconfig.h.orig	2026-02-26 20:52:53 UTC
+--- bin/include/defaultconfig.h.orig	2026-03-13 21:37:44 UTC
 +++ bin/include/defaultconfig.h
-@@ -159,6 +159,7 @@ options {\n\
+@@ -160,6 +160,7 @@ options {\n\
  	notify-source *;\n\
  	notify-source-v6 *;\n\
  	nsec3-test-zone no;\n\
@@ -10,9 +10,9 @@ Add the override-cache-ttl feature.
  	parental-source *;\n\
  	parental-source-v6 *;\n\
  	provide-ixfr true;\n\
---- bin/named/server.c.orig	2026-02-26 20:52:53 UTC
+--- bin/named/server.c.orig	2026-03-13 21:37:44 UTC
 +++ bin/named/server.c
-@@ -4081,6 +4081,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
+@@ -4085,6 +4085,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
  	}
  
  	obj = NULL;
@@ -24,9 +24,9 @@ Add the override-cache-ttl feature.
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asduration(obj);
---- doc/arm/reference.rst.orig	2026-02-26 20:52:53 UTC
+--- doc/arm/reference.rst.orig	2026-03-13 21:37:44 UTC
 +++ doc/arm/reference.rst
-@@ -4188,6 +4188,10 @@ Tuning
+@@ -4231,6 +4231,10 @@ Tuning
     cannot exceed 7 days and is silently truncated to 7 days if set to a
     greater value.
  
@@ -37,7 +37,7 @@ Add the override-cache-ttl feature.
  .. namedconf:statement:: max-cache-ttl
     :tags: server
     :short: Specifies the maximum time (in seconds) that the server caches ordinary (positive) answers.
---- doc/misc/options.orig	2026-02-26 20:52:53 UTC
+--- doc/misc/options.orig	2026-03-13 21:37:44 UTC
 +++ doc/misc/options
 @@ -171,6 +171,7 @@ options {
  	masterfile-style ( full | relative );
@@ -46,8 +46,8 @@ Add the override-cache-ttl feature.
 +	override-cache-ttl <duration>;
  	max-cache-ttl <duration>;
  	max-clients-per-query <integer>;
- 	max-ixfr-ratio ( unlimited | <percentage> );
---- lib/dns/include/dns/view.h.orig	2026-02-26 20:52:53 UTC
+ 	max-delegation-servers <integer>; // experimental
+--- lib/dns/include/dns/view.h.orig	2026-03-13 21:37:44 UTC
 +++ lib/dns/include/dns/view.h
 @@ -155,6 +155,7 @@ struct dns_view {
  	bool		      requestzoneversion;
@@ -57,9 +57,9 @@ Add the override-cache-ttl feature.
  	dns_ttl_t	      maxncachettl;
  	dns_ttl_t	      mincachettl;
  	dns_ttl_t	      minncachettl;
---- lib/dns/resolver.c.orig	2026-02-26 20:52:53 UTC
+--- lib/dns/resolver.c.orig	2026-03-13 21:37:44 UTC
 +++ lib/dns/resolver.c
-@@ -5979,6 +5979,12 @@ fixttls(dns_view_t *view, dns_rdataset_t *rdataset,
+@@ -5969,6 +5969,12 @@ fixttls(dns_view_t *view, dns_rdataset_t *rdataset,
  fixttls(dns_view_t *view, dns_rdataset_t *rdataset,
  	dns_rdataset_t *sigrdataset) {
  	/*
@@ -72,9 +72,9 @@ Add the override-cache-ttl feature.
  	 * Enforce the configured maximum and minimum cache TTL.
  	 */
  	if (rdataset->ttl > view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2026-02-26 20:52:53 UTC
+--- lib/isccfg/namedconf.c.orig	2026-03-13 21:37:44 UTC
 +++ lib/isccfg/namedconf.c
-@@ -2422,6 +2422,7 @@ static cfg_clausedef_t view_clauses[] = {
+@@ -2424,6 +2424,7 @@ static cfg_clausedef_t view_clauses[] = {
  	{ "nta-lifetime", &cfg_type_duration, 0, NULL },
  	{ "nta-recheck", &cfg_type_duration, 0, NULL },
  	{ "nxdomain-redirect", &cfg_type_astring, 0, NULL },
diff --git a/dns/bind9-devel/pkg-plist b/dns/bind9-devel/pkg-plist
index 7f0c24456f90..88d44eabf842 100644
--- a/dns/bind9-devel/pkg-plist
+++ b/dns/bind9-devel/pkg-plist
@@ -240,11 +240,11 @@ include/ns/xfrout.h
 lib/bind/filter-a.so
 lib/bind/filter-aaaa.so
 lib/bind/synthrecord.so
-lib/libdns-9.21.19.so
-lib/libisc-9.21.19.so
-lib/libisccc-9.21.19.so
-lib/libisccfg-9.21.19.so
-lib/libns-9.21.19.so
+lib/libdns-9.21.20.so
+lib/libisc-9.21.20.so
+lib/libisccc-9.21.20.so
+lib/libisccfg-9.21.20.so
+lib/libns-9.21.20.so
 @comment share/man/man1/arpaname.1.gz
 @comment share/man/man1/delv.1.gz
 @comment share/man/man1/dig.1.gz