CVS commit: [pkgsrc-2015Q4] pkgsrc/net/bind910

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2015Q4] pkgsrc/net/bind910
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Wed, 20 Jan 2016 19:32:01 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Wed Jan 20 19:32:01 UTC 2016

Modified Files:
        pkgsrc/net/bind910 [pkgsrc-2015Q4]: Makefile distinfo

Log Message:
Pullup ticket #4901 - requested by taca
net/bind910: security fix

Revisions pulled up:
- net/bind910/Makefile                                          1.15
- net/bind910/distinfo                                          1.14

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Jan 20 02:15:58 UTC 2016

   Modified Files:
           pkgsrc/net/bind910: Makefile distinfo

   Log Message:
   Update bind910 to 9.10.3pl3 (BIND 9.10.3-P3).

   Security Fixes

        * Specific APL data could trigger an INSIST. This flaw was discovered
          by Brian Mitchell and is disclosed in CVE-2015-8704. [RT #41396]
        * Certain errors that could be encountered when printing out or
          logging an OPT record containing a CLIENT-SUBNET option could be
          mishandled, resulting in an assertion failure. This flaw was
          discovered by Brian Mitchell and is disclosed in CVE-2015-8705. [RT
          #41397]
        * Named is potentially vulnerable to the OpenSSL vulnerabilty
          described in CVE-2015-3193.
        * Insufficient testing when parsing a message allowed records with an
          incorrect class to be be accepted, triggering a REQUIRE failure
          when those records were subsequently cached. This flaw is disclosed
          in CVE-2015-8000. [RT #40987]
        * Incorrect reference counting could result in an INSIST failure if a
          socket error occurred while performing a lookup. This flaw is
          disclosed in CVE-2015-8461. [RT#40945]

   New Features

        * None.

   Feature Changes

        * Updated the compiled in addresses for H.ROOT-SERVERS.NET.

   Bug Fixes

        * Authoritative servers that were marked as bogus (e.g. blackholed in
          configuration or with invalid addresses) were being queried anyway.
          [RT #41321]


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.14.2.1 pkgsrc/net/bind910/Makefile
cvs rdiff -u -r1.13 -r1.13.2.1 pkgsrc/net/bind910/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/net/dhcpcd/files
Next by Date: CVS commit: [pkgsrc-2015Q4] pkgsrc/net/bind99
Previous by Thread: CVS commit: pkgsrc/net/dhcpcd/files
Next by Thread: CVS commit: [pkgsrc-2015Q4] pkgsrc/net/bind99
Indexes:

Home | Main Index | Thread Index | Old Index