Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2020Q2]: pkgsrc/net/bind911 Pullup ticket #6311 - requested by...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/c953e44d8f10
branches:  pkgsrc-2020Q2
changeset: 437628:c953e44d8f10
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Fri Aug 28 15:57:47 2020 +0000

description:
Pullup ticket #6311 - requested by taca
net/bind911: security fix

Revisions pulled up:
- net/bind911/Makefile                                          1.29
- net/bind911/distinfo                                          1.21

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Fri Aug 21 16:09:44 UTC 2020

   Modified Files:
        pkgsrc/net/bind911: Makefile distinfo

   Log Message:
   net/bind911: update to 9.11.22

   Update bind911 to 9.11.22 (BIND 9.11.22).

        --- 9.11.22 released ---

   5481.        [security]      "update-policy" rules of type "subdomain" were
                        incorrectly treated as "zonesub" rules, which allowed
                        keys used in "subdomain" rules to update names outside
                        of the specified subdomains. The problem was fixed by
                        making sure "subdomain" rules are again processed as
                        described in the ARM. (CVE-2020-8624) [GL #2055]

   5480.        [security]      When BIND 9 was compiled with native PKCS#11 support, it
                        was possible to trigger an assertion failure in code
                        determining the number of bits in the PKCS#11 RSA public
                        key with a specially crafted packet. (CVE-2020-8623)
                        [GL #2037]

   5476.        [security]      It was possible to trigger an assertion failure when
                        verifying the response to a TSIG-signed request.
                        (CVE-2020-8622) [GL #2028]

   5475.        [bug]           Wildcard RPZ passthru rules could incorrectly be
                        overridden by other rules that were loaded from RPZ
                        zones which appeared later in the "response-policy"
                        statement. This has been fixed. [GL #1619]

   5474.        [bug]           dns_rdata_hip_next() failed to return ISC_R_NOMORE
                        when it should have. [GL !3880]

   5465.        [func]          Added fallback to built-in trust-anchors, managed-keys,
                        or trusted-keys if the bindkeys-file (bind.keys) cannot
                        be parsed. [GL #1235]

   5463.        [bug]           Address a potential NULL pointer dereference when out of
                        memory in dnstap.c. [GL #2010]

   5462.        [bug]           Move LMDB locking from LMDB itself to named. [GL #1976]

diffstat:

 net/bind911/Makefile |   4 ++--
 net/bind911/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (36 lines):

diff -r d9f6d2a91d72 -r c953e44d8f10 net/bind911/Makefile
--- a/net/bind911/Makefile      Fri Aug 28 15:44:32 2020 +0000
+++ b/net/bind911/Makefile      Fri Aug 28 15:57:47 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.28 2020/06/18 14:06:21 taca Exp $
+# $NetBSD: Makefile,v 1.28.2.1 2020/08/28 15:57:47 bsiegert Exp $
 
 DISTNAME=      bind-${BIND_VERSION}
 PKGNAME=       ${DISTNAME:S/-P/pl/}
@@ -14,7 +14,7 @@
 
 MAKE_JOBS_SAFE=        no
 
-BIND_VERSION=  9.11.20
+BIND_VERSION=  9.11.22
 
 .include "../../mk/bsd.prefs.mk"
 
diff -r d9f6d2a91d72 -r c953e44d8f10 net/bind911/distinfo
--- a/net/bind911/distinfo      Fri Aug 28 15:44:32 2020 +0000
+++ b/net/bind911/distinfo      Fri Aug 28 15:57:47 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.20 2020/06/18 14:06:21 taca Exp $
+$NetBSD: distinfo,v 1.20.2.1 2020/08/28 15:57:47 bsiegert Exp $
 
-SHA1 (bind-9.11.20.tar.gz) = ff6ad0d3f9282a77786e93eb889154008ef1ccdf
-RMD160 (bind-9.11.20.tar.gz) = ce7f8bb446d63c1b4dbdccf7e6294b87fdba6101
-SHA512 (bind-9.11.20.tar.gz) = 249710a35dfd340abf8d07c526fb9dd05ab3ed186641f33b697f9a59a866965f43d77e6d0c77b3690698eb6d451a15506cedc5da18aff666c9d95a864268dd25
-Size (bind-9.11.20.tar.gz) = 8244703 bytes
+SHA1 (bind-9.11.22.tar.gz) = 10104100e265bc9e4b8975b3dc6266cd2d40b597
+RMD160 (bind-9.11.22.tar.gz) = 142024c9808b981544048676ce57cfbf47170f48
+SHA512 (bind-9.11.22.tar.gz) = 8ed2ed661b87705bbb7ddde3076a132b4e53971d669600997abfa104404e0c8b4bf04cc04c6be1c2c701123db5e0d4645ab797e5a985a18f5a1d68824a3df3ed
+Size (bind-9.11.22.tar.gz) = 8248081 bytes
 SHA1 (patch-bin_named_Makefile.in) = 3e5b98e3e0bdb701be679d3580d6d2d7609d655b
 SHA1 (patch-bin_named_server.c) = 0294d74eb3039049c4672a3de6eb371407bb382d
 SHA1 (patch-bin_pkcs11_pkcs11-keygen.c) = ca2671a5e3216a08a212cf893e070b01705ef9ee



Home | Main Index | Thread Index | Old Index