freebsd-ports/dns/bind96
Doug Barton 9b77b5a942 Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address
the following vulnerabilities:

BIND 9 Cache Update from Additional Section
https://www.isc.org/advisories/CVE-2009-4022v6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
A nameserver with DNSSEC validation enabled may incorrectly add
unauthenticated records to its cache that are received during the
resolution of a recursive client query

BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
There was an error in the DNSSEC NSEC/NSEC3 validation code that could
cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
proven by NSEC or NSEC3 to exist) to be cached as if they had validated
correctly

These issues only affect systems with DNSSEC validation enabled.
2010-01-25 00:25:08 +00:00
..
files Wrap some query socket handling in dig with a socket != NULL bow 2009-11-07 19:23:17 +00:00
distinfo Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address 2010-01-25 00:25:08 +00:00
Makefile Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address 2010-01-25 00:25:08 +00:00
pkg-descr Update after repo-copy for BIND 9.6.0 2009-01-04 07:15:46 +00:00
pkg-message Update the pkg-message to be even less version-specific, and tell the user 2008-06-02 04:18:45 +00:00
pkg-plist For all: 2009-08-29 23:15:57 +00:00