From nobody Tue Oct 12 11:09:08 2021 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AB0EE17EACC2 for ; Tue, 12 Oct 2021 11:09:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HTCbS4Gflz4rcK for ; Tue, 12 Oct 2021 11:09:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6825C13559 for ; Tue, 12 Oct 2021 11:09:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 19CB98YF013226 for ; Tue, 12 Oct 2021 11:09:08 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 19CB989r013225 for ports-bugs@FreeBSD.org; Tue, 12 Oct 2021 11:09:08 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 259098] dns/nsd: Update to version 4.3.8 Date: Tue, 12 Oct 2021 11:09:08 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259098 Bug ID: 259098 Summary: dns/nsd: Update to version 4.3.8 Product: Ports & Packages Version: Latest Hardware: Any URL: https://www.nlnetlabs.nl/news/2021/Oct/12/nsd-4.3.8-re leased/ OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Attachment #228622 maintainer-approval+ Flags: Created attachment 228622 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D228622&action= =3Dedit Patch to upgrade This release fixes a crash bug in delegation answers, and fixes in NSEC3 answers. Also compile fixes for OpenSSL. The OpenSSL 3.0 API is supported. The Mutual TLS feature allows for client authentication for XFR-over-TLS connections, use the client-cert, client-key and client-key-pw options to set up the certificate that NSD then uses to connect to the upstream server to download the zone with. 4.3.8 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D FEATURES: - Merge #185 by cesarkuroiwa: Mutual TLS. BUG FIXES: - Fix to compile with OpenSSL 3.0.0beta2. - Fix configure detection of SSL_CTX_set_security_level. - Fix deprecated functions use from openssl 3.0.0beta2. - For #184: Note that all zones can be targeted by some nsd-control commands in the man page. - Fixes for #185: Document client-cert, client-key and client-key-pw in the man page. Fix yacc semicolon. Fix unused variable warning. Use strlcpy instead of strncpy. Fix spelling error in error printout. - Merge #187: Support using system-wide crypto policies. - Fix #188: NSD fails to build against openssl 1.1 on CentOS 7. - Fix sed script in ssldir split handling. - Fix #189: nsd 4.3.7 crash answer_delegation: Assertion `query->delegation_rrset' failed. - Fix #190: NSD returns 3 NSEC3 records for NODATA response. - Fix compile failure with openssl 1.0.2. - Fix #194: Incorrect NSEC3 response for SOA query below delegation point. The port's Makefile had some reordering to satisfy portfmt(1) --=20 You are receiving this mail because: You are the assignee for the bug.=