pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2009Q4]: pkgsrc/net/bind95 Pullup ticket #2965 - requested by spz
details: https://anonhg.NetBSD.org/pkgsrc/rev/ca2fc040af77
branches: pkgsrc-2009Q4
changeset: 569203:ca2fc040af77
user: tron <tron%pkgsrc.org@localhost>
date: Thu Jan 21 21:11:20 2010 +0000
description:
Pullup ticket #2965 - requested by spz
bind95: security update
Revisions pulled up:
- net/bind95/Makefile 1.16 via patch
- net/bind95/distinfo 1.12
---
Module Name: pkgsrc
Committed By: spz
Date: Thu Jan 21 19:42:16 UTC 2010
Modified Files:
pkgsrc/net/bind95: Makefile distinfo
Log Message:
security update:
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
diffstat:
net/bind95/Makefile | 5 ++---
net/bind95/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 7 deletions(-)
diffs (38 lines):
diff -r c334800219a1 -r ca2fc040af77 net/bind95/Makefile
--- a/net/bind95/Makefile Thu Jan 21 19:04:34 2010 +0000
+++ b/net/bind95/Makefile Thu Jan 21 21:11:20 2010 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2009/12/11 16:22:08 taca Exp $
+# $NetBSD: Makefile,v 1.14.2.1 2010/01/21 21:11:20 tron Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P/pl/}
-PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \
http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/
@@ -17,7 +16,7 @@
PKG_DESTDIR_SUPPORT= user-destdir
MAKE_JOBS_SAFE= no
-BIND_VERSION= 9.5.2-P1
+BIND_VERSION= 9.5.2-P2
# IPv6 ready, automatically detected
.include "../../mk/bsd.prefs.mk"
diff -r c334800219a1 -r ca2fc040af77 net/bind95/distinfo
--- a/net/bind95/distinfo Thu Jan 21 19:04:34 2010 +0000
+++ b/net/bind95/distinfo Thu Jan 21 21:11:20 2010 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.11 2009/11/30 11:58:30 tron Exp $
+$NetBSD: distinfo,v 1.11.2.1 2010/01/21 21:11:20 tron Exp $
-SHA1 (bind-9.5.2-P1.tar.gz) = 532d448554601cec13a645df812638d46fd41743
-RMD160 (bind-9.5.2-P1.tar.gz) = 2e2872a06fc1d97e4bcecaea3fb4f009f83cdb2b
-Size (bind-9.5.2-P1.tar.gz) = 6799718 bytes
+SHA1 (bind-9.5.2-P2.tar.gz) = ffa6df6752976e6bdd05508c5cc5131ef9a097f1
+RMD160 (bind-9.5.2-P2.tar.gz) = a0864dadb1af7268a0c54fed3bc178bd17abb55c
+Size (bind-9.5.2-P2.tar.gz) = 6674868 bytes
SHA1 (patch-ab) = dd12c457791a75a8b43d9dfd0c0b236dcdbe31a5
SHA1 (patch-ac) = a2c24198044f8cf29198e08a1a10b7e4ea739c40
SHA1 (patch-ad) = 5c8af5a826e4f6891dfdf949b8a541ee33e16c3e
Home |
Main Index |
Thread Index |
Old Index