dougb 2010-01-25 00:25:08 UTC FreeBSD ports repository
Modified files: dns/bind94 Makefile distinfo dns/bind95 Makefile distinfo dns/bind96 Makefile distinfo Log: Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address the following vulnerabilities: BIND 9 Cache Update from Additional Section https://www.isc.org/advisories/CVE-2009-4022v6 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 A nameserver with DNSSEC validation enabled may incorrectly add unauthenticated records to its cache that are received during the resolution of a recursive client query BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses https://www.isc.org/advisories/CVE-2010-0097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly These issues only affect systems with DNSSEC validation enabled. Revision Changes Path 1.103 +2 -2 ports/dns/bind94/Makefile 1.58 +6 -9 ports/dns/bind94/distinfo 1.107 +2 -2 ports/dns/bind95/Makefile 1.59 +6 -6 ports/dns/bind95/distinfo 1.107 +2 -2 ports/dns/bind96/Makefile 1.60 +6 -6 ports/dns/bind96/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"