http://www.isc.org/index.pl?/sw/bind/bind8-eol.php
Therefore, per the previous announcement, remove the ports for BIND 8.
This includes the chinese/bind8 slave port, and mail/smc-milter which
has a dependency on libbind_r.a from BIND 8.x. The latter has been
unmaintained since 2005, and is 3 versions behind.
Approved by: portmgr (linimon)
perl unconditonally, or conditionally. To be able to conditionalize the
inclusion of bsd.perl.mk, they now need to be defined before the inclusion
of bsd.port.pre.mk.
Hat: portmgr
I don't think this port has any specific to do with gcc-3.4
compiler; building with the gcc-4.2.0 (and the latest 4.2.1)
is fine here.
I also have added a few patch files, for hard-coded
/etc/inadyn.conf, although a sample config
/usr/local/etc/inadyn.conf.sample and an rc script to
automate daemonization also need to added. But are not
mandatory.
PR: ports/115699
Submitted by: Balwinder S Dheeman <bdheeman@yahoo.com>
- Bump PORTREVISION
[1] Notes:
powerdns-recursor 3.1.4 doesn't support multiline txt records, which
are used by various dns information systems. 3.1.5 does have support
for this. A backport of the code changes is relatively risk-free, and has been
requested by users and port maintainers.
http://www.nabble.com/recursor-unable-to-resolve-asn.routeviews.org-data-t4252567.html
PR: 116029
Submitted by: Sten Spans <sten@blinkenlights.nl> (Maintainer)
in the tooth BIND 8. As of today (27 August 2007) ISC has announced
that BIND 8 is officially End of Life (EOL) and therefore it's time
to say good-bye.
Please see http://www.isc.org/sw/bind/bind8-eol.php for details on the
reasoning behind the EOL status, the latest security issues, and a
migration guide to help you move toward BIND 9.4.x.
bind8 (BIND 8.3.7) is marked FORBIDDEN due to the predictable query ID
bug (see above) which will not be fixed for this version.
bind84 is marked DEPRECATED, and will be upgraded to 8.4.7-P1 when it
is available.
daemon.
multi_dnsbl is a DNS emulator daemon that increases the efficacy of DNSBL
look-ups in a mail system. multi_dnsbl may be used as a stand-alone DNSBL or as
a plug-in for a standard BIND 9 installation. multi_dnsbl shares a common
configuration file format with the Mail::SpamCannibal sc_BLcheck.pl script so
that DNSBL's can be maintained in a common configuration file for an entire
mail installation.
Because DNSBL usefulness is dependent on the nature and source of spam sent to
a specific site and because sometimes DNSBL's may provide intermittant service,
multi_dnsbl interrogates them sorted in the order of greatest successful hits.
DNSBL's that do not respond within the configured timeout period are not
interrogated at all after 6 consecutive failures, and thereafter will be
retried not more often than once every hour until they come back online. This
eliminates the need to place DNSBL's in a particular order in your MTA's config
file or periodically monitor the DNSBL statistics and/or update the MTA config
file.
WWW: http://search.cpan.org/~miker/Net-DNSBL-MultiDaemon-0.18/MultiDaemon.pm
PR: ports/115639
Submitted by: Andrew Greenwood <greenwood.andy at gmail.com>
- Add significantly better support in bsd.python.mk for working with
Python Eggs and the easy_install system
Tested by: pointyhat runs
Approved by: pav (portmgr)
Most work by: perky
Thanks to: pav
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
