CVS commit: pkgsrc/net/bind910

["Takahiro Kambe" <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Jan 20 02:15:58 UTC 2016

Modified Files:
        pkgsrc/net/bind910: Makefile distinfo

Log Message:
Update bind910 to 9.10.3pl3 (BIND 9.10.3-P3).

Security Fixes

     * Specific APL data could trigger an INSIST. This flaw was discovered
       by Brian Mitchell and is disclosed in CVE-2015-8704. [RT #41396]
     * Certain errors that could be encountered when printing out or
       logging an OPT record containing a CLIENT-SUBNET option could be
       mishandled, resulting in an assertion failure. This flaw was
       discovered by Brian Mitchell and is disclosed in CVE-2015-8705. [RT
       #41397]
     * Named is potentially vulnerable to the OpenSSL vulnerabilty
       described in CVE-2015-3193.
     * Insufficient testing when parsing a message allowed records with an
       incorrect class to be be accepted, triggering a REQUIRE failure
       when those records were subsequently cached. This flaw is disclosed
       in CVE-2015-8000. [RT #40987]
     * Incorrect reference counting could result in an INSIST failure if a
       socket error occurred while performing a lookup. This flaw is
       disclosed in CVE-2015-8461. [RT#40945]

New Features

     * None.

Feature Changes

     * Updated the compiled in addresses for H.ROOT-SERVERS.NET.

Bug Fixes

     * Authoritative servers that were marked as bogus (e.g. blackholed in
       configuration or with invalid addresses) were being queried anyway.
       [RT #41321]


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/net/bind910/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/bind910/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.