CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2017/02/08 17:05:52
Modified files:
net/isc-bind : Tag: OPENBSD_6_0 Makefile distinfo
Added files:
net/isc-bind/patches: Tag: OPENBSD_6_0 patch-bin_dig_dig_c
patch-bin_dig_host_c
patch-bin_dig_nslookup_c
patch-lib_isc_unix_net_c
patch-lib_isc_unix_socket_c
Log message:
update to BIND 9.10.4-P6
* If a server is configured with a response policy zone (RPZ) that
rewrites an answer with local data, and is also configured for DNS64
address mapping, a NULL pointer can be read triggering a server crash.
This flaw is disclosed in CVE-2017-3135. [RT #44434]
* A synthesized CNAME record appearing in a response before the associated
DNAME could be cached, when it should not have been. This was a
regression introduced while addressing CVE-2016-8864. [RT #44318]
