CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2017/02/08 17:05:52
Modified files: net/isc-bind : Tag: OPENBSD_6_0 Makefile distinfo Added files: net/isc-bind/patches: Tag: OPENBSD_6_0 patch-bin_dig_dig_c patch-bin_dig_host_c patch-bin_dig_nslookup_c patch-lib_isc_unix_net_c patch-lib_isc_unix_socket_c Log message: update to BIND 9.10.4-P6 * If a server is configured with a response policy zone (RPZ) that rewrites an answer with local data, and is also configured for DNS64 address mapping, a NULL pointer can be read triggering a server crash. This flaw is disclosed in CVE-2017-3135. [RT #44434] * A synthesized CNAME record appearing in a response before the associated DNAME could be cached, when it should not have been. This was a regression introduced while addressing CVE-2016-8864. [RT #44318]