[ On Friday, November 10, 2000 at 16:50:49 (+0900), itojun@iijlab.net wrote: ]
> Subject: Re: security/11459: possible fix for remote DoS attack in BIND-8.2.2-P5
>
> 	do you have any preference in importing 822P7?  is it okay if I import
> 	it into src/dist/bind today, or should i wait a little bit?

Well it's passing all my tests without any local changes so I'd say it's
good to import.  I'm going to build it and deploy it a little wider
tomorrow but there should be no harm in importing even if a new release
is made available in a day or two (other than the extra effort, of
course, though having the full history in the repo isn't a bad thing).

The pkgsrc/net/bind8 module should be updated ASAP too I think.  It
shouldn't need any other changes (other updating than the version ID) as
far I can see.  Perhaps something like this (I'm not 100% sure my
makefile is up to date, but the changes are of course rather obvious):

Index: Makefile
===================================================================
RCS file: /cvs/NetBSD/pkgsrc/net/bind8/Makefile,v
retrieving revision 1.1.1.2
diff -c -u -r1.1.1.2 Makefile
--- Makefile	2000/01/07 19:37:18	1.1.1.2
+++ Makefile	2000/11/10 08:11:48
@@ -5,10 +5,10 @@
 #
 
 DISTNAME=	bind
-PKGNAME=	bind-8.2.2p5
+PKGNAME=	bind-8.2.2p7
 WRKSRC=		${WRKDIR}/src
 CATEGORIES=	net
-MASTER_SITES=	ftp://ftp.isc.org/isc/bind/src/8.2.2-P5/
+MASTER_SITES=	ftp://ftp.isc.org/isc/bind/src/8.2.2-P7/
 DISTFILES=	${DISTNAME}-src.tar.gz ${DISTNAME}-doc.tar.gz
 
 MAINTAINER=	packages@NetBSD.org
@@ -16,7 +16,7 @@
 
 Y2K=		http://www.isc.org/ISC/y2k.html
 
-DIST_SUBDIR=	bind/8.2.2-P5
+DIST_SUBDIR=	bind/8.2.2-P7
 EXTRACT_ONLY=	${DISTNAME}-src.tar.gz ${DISTNAME}-doc.tar.gz
 
 post-build:

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>