kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Security update:

Browse source 
dns/bind99:  9.9.9-P3  -> 9.9.9-P4
dns/bind910: 9.10.4-P3 -> 9.10.4-P4
dns/bind911: 9.11.0    -> 9.11.0-P1

Security:	CVE-2016-8864
Submitted by:	mat
MFH:		2016Q4
This commit is contained in:
Xin LI 2016-11-02 06:38:48 +00:00
parent 9cd2b2e2b3
commit 442cd7309b
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=425115
9 changed files with 33 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dns/bind910/Makefile
View file

@ -29,7 +29,7 @@ COMMENT= BIND DNS suite with updated DNSSEC and DNS64
LICENSE= ISCL LICENSE= ISCL
# ISC releases things like 9.8.0-P1, which our versioning doesn't like # ISC releases things like 9.8.0-P1, which our versioning doesn't like
ISCVERSION= 9.10.4-P3 ISCVERSION= 9.10.4-P4
USES= cpe libedit USES= cpe libedit

6
dns/bind910/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1474631813 TIMESTAMP = 1477663379
SHA256 (bind-9.10.4-P3.tar.gz) = a075e5ce89fddccb0e64d1777d59161387dd5151cf4e7d1a93875a487812baef SHA256 (bind-9.10.4-P4.tar.gz) = a41ce7518e1d0faa40312cc89f4ca42246906b2718099d992e87a5d3ce9a9d86
SIZE (bind-9.10.4-P3.tar.gz) = 9299078 SIZE (bind-9.10.4-P4.tar.gz) = 9299638

12
dns/bind910/files/extrapatch-bind-min-override-ttl
View file

@ -1,4 +1,4 @@
--- bin/named/config.c.orig 2016-04-20 20:11:20 UTC --- bin/named/config.c.orig 2016-10-21 05:10:54 UTC
+++ bin/named/config.c +++ bin/named/config.c
@@ -151,6 +151,8 @@ options {\n\ @@ -151,6 +151,8 @@ options {\n\
min-roots 2;\n\ min-roots 2;\n\
@ -9,7 +9,7 @@
max-cache-ttl 604800; /* 1 week */\n\ max-cache-ttl 604800; /* 1 week */\n\
transfer-format many-answers;\n\ transfer-format many-answers;\n\
max-cache-size 0;\n\ max-cache-size 0;\n\
--- bin/named/server.c.orig 2016-04-20 20:11:20 UTC --- bin/named/server.c.orig 2016-10-21 05:10:54 UTC
+++ bin/named/server.c +++ bin/named/server.c
@@ -2802,6 +2802,16 @@ configure_view(dns_view_t *view, dns_vie @@ -2802,6 +2802,16 @@ configure_view(dns_view_t *view, dns_vie
} }
@ -28,7 +28,7 @@
result = ns_config_get(maps, "max-cache-ttl", &obj); result = ns_config_get(maps, "max-cache-ttl", &obj);
INSIST(result == ISC_R_SUCCESS); INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asuint32(obj); view->maxcachettl = cfg_obj_asuint32(obj);
--- lib/dns/include/dns/view.h.orig 2016-04-20 20:11:20 UTC --- lib/dns/include/dns/view.h.orig 2016-10-21 05:10:54 UTC
+++ lib/dns/include/dns/view.h +++ lib/dns/include/dns/view.h
@@ -150,6 +150,8 @@ struct dns_view { @@ -150,6 +150,8 @@ struct dns_view {
isc_boolean_t requestnsid; isc_boolean_t requestnsid;
@ -39,9 +39,9 @@
dns_ttl_t maxncachettl; dns_ttl_t maxncachettl;
dns_ttl_t prefetch_trigger; dns_ttl_t prefetch_trigger;
dns_ttl_t prefetch_eligible; dns_ttl_t prefetch_eligible;
--- lib/dns/resolver.c.orig 2016-04-20 20:11:20 UTC --- lib/dns/resolver.c.orig 2016-10-21 05:10:54 UTC
+++ lib/dns/resolver.c +++ lib/dns/resolver.c
@@ -5371,6 +5371,18 @@ cache_name(fetchctx_t *fctx, dns_name_t @@ -5373,6 +5373,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
} }
/* /*
@ -60,7 +60,7 @@
* Enforce the configure maximum cache TTL. * Enforce the configure maximum cache TTL.
*/ */
if (rdataset->ttl > res->view->maxcachettl) if (rdataset->ttl > res->view->maxcachettl)
--- lib/isccfg/namedconf.c.orig 2016-04-20 20:11:20 UTC --- lib/isccfg/namedconf.c.orig 2016-10-21 05:10:54 UTC
+++ lib/isccfg/namedconf.c +++ lib/isccfg/namedconf.c
@@ -1572,6 +1572,8 @@ view_clauses[] = { @@ -1572,6 +1572,8 @@ view_clauses[] = {
#endif #endif

2
dns/bind911/Makefile
View file

@ -29,7 +29,7 @@ COMMENT= BIND DNS suite with updated DNSSEC and DNS64
LICENSE= MPL LICENSE= MPL
# ISC releases things like 9.8.0-P1, which our versioning doesn't like # ISC releases things like 9.8.0-P1, which our versioning doesn't like
ISCVERSION= 9.11.0 ISCVERSION= 9.11.0-P1
USES= cpe libedit USES= cpe libedit

6
dns/bind911/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1475620351 TIMESTAMP = 1477663452
SHA256 (bind-9.11.0.tar.gz) = 6f0b403036e0281b272a0fbdd0dc3417f3050b625cb059c5409432611418058b SHA256 (bind-9.11.0-P1.tar.gz) = 094cd3134ba1b44f0910de1334f05a7dca68d583da038de40a8ad7a0cb1592c6
SIZE (bind-9.11.0.tar.gz) = 9789272 SIZE (bind-9.11.0-P1.tar.gz) = 9673074

14
dns/bind911/files/extrapatch-bind-min-override-ttl
View file

@ -1,4 +1,4 @@
--- bin/named/config.c.orig 2016-08-30 11:01:49 UTC --- bin/named/config.c.orig 2016-10-21 05:13:38 UTC
+++ bin/named/config.c +++ bin/named/config.c
@@ -154,6 +154,8 @@ options {\n\ @@ -154,6 +154,8 @@ options {\n\
lame-ttl 600;\n\ lame-ttl 600;\n\
@ -9,9 +9,9 @@
max-cache-ttl 604800; /* 1 week */\n\ max-cache-ttl 604800; /* 1 week */\n\
transfer-format many-answers;\n\ transfer-format many-answers;\n\
max-cache-size 90%;\n\ max-cache-size 90%;\n\
--- bin/named/server.c.orig 2016-08-30 11:01:49 UTC --- bin/named/server.c.orig 2016-10-21 05:13:38 UTC
+++ bin/named/server.c +++ bin/named/server.c
@@ -3637,6 +3637,16 @@ configure_view(dns_view_t *view, dns_vie @@ -3638,6 +3638,16 @@ configure_view(dns_view_t *view, dns_vie
} }
obj = NULL; obj = NULL;
@ -28,7 +28,7 @@
result = ns_config_get(maps, "max-cache-ttl", &obj); result = ns_config_get(maps, "max-cache-ttl", &obj);
INSIST(result == ISC_R_SUCCESS); INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asuint32(obj); view->maxcachettl = cfg_obj_asuint32(obj);
--- lib/dns/include/dns/view.h.orig 2016-08-30 11:01:49 UTC --- lib/dns/include/dns/view.h.orig 2016-10-21 05:13:38 UTC
+++ lib/dns/include/dns/view.h +++ lib/dns/include/dns/view.h
@@ -146,6 +146,8 @@ struct dns_view { @@ -146,6 +146,8 @@ struct dns_view {
isc_boolean_t requestnsid; isc_boolean_t requestnsid;
@ -39,9 +39,9 @@
dns_ttl_t maxncachettl; dns_ttl_t maxncachettl;
isc_uint32_t nta_lifetime; isc_uint32_t nta_lifetime;
isc_uint32_t nta_recheck; isc_uint32_t nta_recheck;
--- lib/dns/resolver.c.orig 2016-08-30 11:01:49 UTC --- lib/dns/resolver.c.orig 2016-10-21 05:13:38 UTC
+++ lib/dns/resolver.c +++ lib/dns/resolver.c
@@ -5431,6 +5431,18 @@ cache_name(fetchctx_t *fctx, dns_name_t @@ -5433,6 +5433,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
} }
/* /*
@ -60,7 +60,7 @@
* Enforce the configure maximum cache TTL. * Enforce the configure maximum cache TTL.
*/ */
if (rdataset->ttl > res->view->maxcachettl) if (rdataset->ttl > res->view->maxcachettl)
--- lib/isccfg/namedconf.c.orig 2016-08-30 11:01:49 UTC --- lib/isccfg/namedconf.c.orig 2016-10-21 05:13:38 UTC
+++ lib/isccfg/namedconf.c +++ lib/isccfg/namedconf.c
@@ -1735,6 +1735,8 @@ view_clauses[] = { @@ -1735,6 +1735,8 @@ view_clauses[] = {
{ "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, { "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE },

2
dns/bind99/Makefile
View file

@ -15,7 +15,7 @@ COMMENT= BIND DNS suite with updated DNSSEC and DNS64
LICENSE= ISCL LICENSE= ISCL
# ISC releases things like 9.8.0-P1, which our versioning doesn't like # ISC releases things like 9.8.0-P1, which our versioning doesn't like
ISCVERSION= 9.9.9-P3 ISCVERSION= 9.9.9-P4
USES= cpe libedit USES= cpe libedit

10
dns/bind99/distinfo
View file

@ -1,5 +1,5 @@
TIMESTAMP = 1474632756 TIMESTAMP = 1477663203
SHA256 (bind-9.9.9-P3.tar.gz) = d63befc221e305bc5cadf9018535e533ebb5a99dd8df69acf42191ecb58991e2 SHA256 (bind-9.9.9-P4.tar.gz) = fdd5120aea9bf5147c350fb2460bfe79c3f1bcc36baa863aee4e1a9de910f1e2
SIZE (bind-9.9.9-P3.tar.gz) = 8764358 SIZE (bind-9.9.9-P4.tar.gz) = 8764378
SHA256 (9.9.9-P3-rpz2+rl.14038.05.patch.xz) = fffc64517aeabd0a9d51243e98b2fad725f98641cfa19e469c0a7b46e6bbc3c0 SHA256 (9.9.9-P4-rpz2+rl.14038.05.patch.xz) = 6cc256dfc7895c9e3eac72465b43deaaba0a01e9f97c492eefc4fe4d80fac4aa
SIZE (9.9.9-P3-rpz2+rl.14038.05.patch.xz) = 39308 SIZE (9.9.9-P4-rpz2+rl.14038.05.patch.xz) = 39308

12
dns/bind99/files/extrapatch-bind-min-override-ttl
View file

@ -1,4 +1,4 @@
--- bin/named/config.c.orig 2016-04-20 20:11:30 UTC --- bin/named/config.c.orig 2016-10-21 05:12:02 UTC
+++ bin/named/config.c +++ bin/named/config.c
@@ -141,6 +141,8 @@ options {\n\ @@ -141,6 +141,8 @@ options {\n\
min-roots 2;\n\ min-roots 2;\n\
@ -9,7 +9,7 @@
max-cache-ttl 604800; /* 1 week */\n\ max-cache-ttl 604800; /* 1 week */\n\
transfer-format many-answers;\n\ transfer-format many-answers;\n\
max-cache-size 0;\n\ max-cache-size 0;\n\
--- bin/named/server.c.orig 2016-04-20 20:11:30 UTC --- bin/named/server.c.orig 2016-10-21 05:12:02 UTC
+++ bin/named/server.c +++ bin/named/server.c
@@ -2559,6 +2559,16 @@ configure_view(dns_view_t *view, cfg_obj @@ -2559,6 +2559,16 @@ configure_view(dns_view_t *view, cfg_obj
} }
@ -28,7 +28,7 @@
result = ns_config_get(maps, "max-cache-ttl", &obj); result = ns_config_get(maps, "max-cache-ttl", &obj);
INSIST(result == ISC_R_SUCCESS); INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asuint32(obj); view->maxcachettl = cfg_obj_asuint32(obj);
--- lib/dns/include/dns/view.h.orig 2016-04-20 20:11:30 UTC --- lib/dns/include/dns/view.h.orig 2016-10-21 05:12:02 UTC
+++ lib/dns/include/dns/view.h +++ lib/dns/include/dns/view.h
@@ -148,6 +148,8 @@ struct dns_view { @@ -148,6 +148,8 @@ struct dns_view {
isc_boolean_t provideixfr; isc_boolean_t provideixfr;
@ -39,9 +39,9 @@
dns_ttl_t maxncachettl; dns_ttl_t maxncachettl;
in_port_t dstport; in_port_t dstport;
dns_aclenv_t aclenv; dns_aclenv_t aclenv;
--- lib/dns/resolver.c.orig 2016-04-20 20:11:30 UTC --- lib/dns/resolver.c.orig 2016-10-21 05:12:02 UTC
+++ lib/dns/resolver.c +++ lib/dns/resolver.c
@@ -5114,6 +5114,18 @@ cache_name(fetchctx_t *fctx, dns_name_t @@ -5116,6 +5116,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
} }
/* /*
@ -60,7 +60,7 @@
* Enforce the configure maximum cache TTL. * Enforce the configure maximum cache TTL.
*/ */
if (rdataset->ttl > res->view->maxcachettl) if (rdataset->ttl > res->view->maxcachettl)
--- lib/isccfg/namedconf.c.orig 2016-04-20 20:11:30 UTC --- lib/isccfg/namedconf.c.orig 2016-10-21 05:12:02 UTC
+++ lib/isccfg/namedconf.c +++ lib/isccfg/namedconf.c
@@ -1459,6 +1459,8 @@ view_clauses[] = { @@ -1459,6 +1459,8 @@ view_clauses[] = {
{ "lame-ttl", &cfg_type_uint32, 0 }, { "lame-ttl", &cfg_type_uint32, 0 },