aboutsummaryrefslogtreecommitdiff
path: root/dns/bind94
Commit message (Collapse)AuthorAgeFilesLines
* Fix pkg-plist by including a new file.Doug Barton2007-12-052-0/+2
| | | | | | | | Pointy hat number N:M (where M = many) goes to: dougb Approved by: portmgr (erwin) Notes: svn path=/head/; revision=202908
* ISC recently announced that BIND 8 has been End-of-Life'd:Doug Barton2007-12-031-1/+1
| | | | | | | | | | | | | | http://www.isc.org/index.pl?/sw/bind/bind8-eol.php Therefore, per the previous announcement, remove the ports for BIND 8. This includes the chinese/bind8 slave port, and mail/smc-milter which has a dependency on libbind_r.a from BIND 8.x. The latter has been unmaintained since 2005, and is 3 versions behind. Approved by: portmgr (linimon) Notes: svn path=/head/; revision=202883
* Update to BIND 9.4.2. Many bugs are fixed, please see the CHANGESDoug Barton2007-12-014-17/+14
| | | | | | | | | file for more details. Approved by: portmgr (erwin) Notes: svn path=/head/; revision=202873
* Update to 9.4.1-P1, which has fixes for the following:Doug Barton2007-07-242-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | 1. The default access control lists (acls) are not being correctly set. If not set anyone can make recursive queries and/or query the cache contents. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 2. The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. This bug only affects outgoing queries, generated by BIND 9 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFYs to slave name servers. All users are encouraged to upgrade. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 Notes: svn path=/head/; revision=196229
* - Set --mandir and --infodir in CONFIGURE_ARGS if the configure scriptRong-En Fan2007-07-231-2/+1
| | | | | | | | | | | | | | | | | | | | | supports them. This is determined by running ``configure --help'' in do-configure target and set the shell variable _LATE_CONFIGURE_ARGS which is then passed to CONFIGURE_ARGS. - Remove --mandir and --infodir in ports' Makefile where applicable Few ports use REINPLACE_CMD to achieve the same effect, remove them too. - Correct some manual pages location from PREFIX/man to MANPREFIX/man - Define INFO_PATH where necessary - Document that .info files are installed in a subdirectory relative to PREFIX/INFO_PATH and slightly change add-plist-info to use INFO_PATH and subdirectory detection. PR: ports/111470 Approved by: portmgr Discussed with: stas (Mk/*), gerald (info related stuffs) Tested by: pointyhat exp run Notes: svn path=/head/; revision=196111
* Update to version 9.4.1, a security update from ISC:Doug Barton2007-05-012-8/+8
| | | | | | | | | | | 2172. [bug] query_addsoa() was being called with a non zone db. [RT #16834] If you are running BIND 9.4.0 (either pre-release or final), you are advised to upgrade as soon as possible to BIND 9.4.1. Notes: svn path=/head/; revision=191246
* Update to the release version of 9.4.0.Doug Barton2007-02-262-8/+8
| | | | Notes: svn path=/head/; revision=185961
* Complete the update for bind94 after the repocopy, and hook it up.Doug Barton2007-01-284-32/+49
| | | | Notes: svn path=/head/; revision=183578
* Upgrade to version 9.3.4, the latest from ISC, which addresses theDoug Barton2007-01-252-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | following security issues. All users of BIND are encouraged to upgrade to this version. 2126. [security] Serialise validation of type ANY responses. [RT #16555] 2124. [security] It was possible to dereference a freed fetch context. [RT #16584] 2089. [security] Raise the minimum safe OpenSSL versions to OpenSSL 0.9.7l and OpenSSL 0.9.8d. Versions prior to these have known security flaws which are (potentially) exploitable in named. [RT #16391] 2088. [security] Change the default RSA exponent from 3 to 65537. [RT #16391] 2066. [security] Handle SIG queries gracefully. [RT #16300] 1941. [bug] ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] Notes: svn path=/head/; revision=183229
* Apply the markup fixes from the base to the nsupdate.8 andDoug Barton2006-12-211-0/+8
| | | | | | | nslookup.1 man pages. Notes: svn path=/head/; revision=180313
* Upgrade to version 9.3.3, the latest from ISC. This isDoug Barton2006-12-092-8/+8
| | | | | | | | | | | a maintenance release, with the usual round of bug and security fixes. All users of BIND 9 are encouraged to upgrade to this version. Notes: svn path=/head/; revision=179339
* Update to version 9.3.2-P2, which addresses the vulnerabilityDoug Barton2006-11-032-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | announced by ISC dated 31 October (delivered via e-mail to the bind-announce@isc.org list today): Description: Because of OpenSSL's recently announced vulnerabilities (CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named, we are announcing this workaround and releasing patches. A proof of concept attack on OpenSSL has been demonstrated for CAN-2006-4339. OpenSSL is required to use DNSSEC with BIND. Fix for version 9.3.2-P1 and lower: Upgrade to BIND 9.2.3-P2, then generate new RSASHA1 and RSAMD5 keys for all old keys using the old default exponent and perform a key rollover to these new keys. These versions also change the default RSA exponent to be 65537 which is not vulnerable to the attacks described in CAN-2006-4339. Notes: svn path=/head/; revision=176257
* Upgrade to version 9.3.2-P1, which addresses the following securityDoug Barton2006-09-062-8/+8
| | | | | | | | | | | | | | | | vulnerabilities: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en 2066. [security] Handle SIG queries gracefully. [RT #16300] http://www.kb.cert.org/vuls/id/697164 1941. [bug] ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] All users of BIND 9 are encouraged to upgrade to this version. Notes: svn path=/head/; revision=172416
* Add OPTIONS to the rest of my ports that need them.Doug Barton2006-08-281-16/+10
| | | | | | | Add CONFLICTS to the bind* ports. Notes: svn path=/head/; revision=171498
* Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtryEdwin Groothuis2006-01-221-1/+1
| | | | | | | | Approved by: krion@ PR: ports/88711 (related) Notes: svn path=/head/; revision=154110
* Update to 9.3.2, the latest from ISCDoug Barton2005-12-284-31/+9
| | | | Notes: svn path=/head/; revision=152247
* Move the verify target after pre-fetch.Doug Barton2005-12-061-3/+3
| | | | Notes: svn path=/head/; revision=150511
* Committed the wrong version ... s#/usr/local#${LOCALBASE}#Doug Barton2005-11-271-1/+1
| | | | Notes: svn path=/head/; revision=149630
* Fix a long-standing problem that appears when users installDoug Barton2005-11-271-1/+7
| | | | | | | | | | | | | | openssl from ports, and do not use the option to have the port version overwrite the base version. Several folks have mentioned this problem in the past, but a good workaround (and more importantly, solid testing) were provided by the submitter. Submitted by: Uffe Vedenbrant <uffe@vedenbrant.se> Notes: svn path=/head/; revision=149628
* Add SHA256 checksums to my portsDoug Barton2005-11-241-0/+2
| | | | Notes: svn path=/head/; revision=149230
* For the ports that I maintain, do the following as appropriate:Doug Barton2005-10-291-1/+5
| | | | | | | | | | | | 1. Add myself as a backup master site (Sourceforge and CPAN ports already have good enough coverage, so skip them). 2. For all ports that have them, download the PGP signature files. 3. For ports in 2, add a verify target to the Makefile 4. For ports where I was already providing a master site, update the URL. 5. Pet portlint in a couple of places. Notes: svn path=/head/; revision=146646
* This issue was researched by glebius, and this patch wasDoug Barton2005-08-181-0/+23
| | | | | | | | | | | | | | | | | | incorporated by ISC into the next version of BIND. The patch addresses a problem with high-load resolvers which hit memory barriers. Without this patch, running the resolving name server out of memory would lead to "unpredictable results." Of course, the canonical answer to this problem is to put more memory into the system, however that is not always possible, and the code should be able to handle this situation gracefully in any case. Approved by: portmgr (krion) Notes: svn path=/head/; revision=140919
* ISC staff has informed me that in BIND 9.3.x, threads are always aDoug Barton2005-06-291-1/+3
| | | | | | | | bad idea, so disable them in all cases unless the user has affirmatively requested this through the define. Notes: svn path=/head/; revision=138160
* 1. The OPTIONS stuff isn't working the way it should according to reports,Doug Barton2005-03-171-4/+2
| | | | | | | | | so rip it out until I have a chance to debug it. 2. Improve the comment about deprecating an old knob. Notes: svn path=/head/; revision=131473
* Upgrade to 9.3.1, the latest version from ISC. This version containsDoug Barton2005-03-133-32/+23
| | | | | | | | | | | | | | | | | | | | | several important fixes, including a remote (although unlikely) exploit. See the CHANGES file for details. All users of BIND 9 are highly encouraged to upgrade to this version. Changes to the port include: 1. Remove ISC patch to 9.3.0 that addressed the remote exploit 2. Change to OPTIONS, and thereby 3. --enable-threads is now the default. Users report that the new thread code in 9.3.x works significantly better than the old on all versions of FreeBSD. 4. Add a temporary shim for the old PORT_REPLACES_BASE_BIND9 option. The OPTIONS framework requires knobs to start with WITH_ or WITHOUT_ 5. Remove patch that shoehorned named.conf.5 into the right place, it has been fixed in the code. Notes: svn path=/head/; revision=131083
* Include a patch from ISC to deal with the following vulnerability:Doug Barton2005-01-282-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | Name: BIND: Self Check Failing [Added 2005.25.01] Versions affected: BIND 9.3.0 Severity: LOW Exploitable: Remotely Type: Denial of Service Description: An incorrect assumption in the validator (authvalidated) can result in a REQUIRE (internal consistancy) test failing and named exiting. Workarounds: Turn off dnssec validation (off by default) at the options/view level. dnssec-enable no; Active Exploits: None known Bump PORTREVISION accordingly. It should be noted that the vast majority of users would not have DNSSEC enabled, and therefore are not vulnerable to this bug. Notes: svn path=/head/; revision=127562
* The parens around the OSVERSION test were fatal for < 4.9, and did notDoug Barton2004-09-271-1/+1
| | | | | | | | | | | provide anything useful for newer systems, so remove them. PR: ports/72118 Submitted by: Michel Lavondes <fox@vader.aacc.cc.md.us> Approved by: portmgr (eik) Notes: svn path=/head/; revision=118453
* Update to BIND 9.3.0, the latest from ISC. This version has severalDoug Barton2004-09-246-27/+59
| | | | | | | | | | | | | | | | | | | significant updates, not the least of which is the new and improved DNSSEC code based on the latest standards (including DS). Various updates to the port, including: 1. Download the PGP signature 2. If running on ${OSVERSION} >= 503000, configure with threads 3. Update pkg-descr re IPv6 RRs 4. Update pkg-message to reflect a world with 6-current There is also a patch to correct a man page installation error. This problem should be fixed in the next release. Approved by: portmgr (marcus) Notes: svn path=/head/; revision=118366
* The ringserver sites don't have the latest BIND 9.Doug Barton2004-04-041-2/+1
| | | | | | | Submitted by: fenner's distfile survey Notes: svn path=/head/; revision=106092
* DISTNAME is a slightly less painful way of dealing with wackyDoug Barton2004-03-141-2/+1
| | | | | | | version numbers. Notes: svn path=/head/; revision=104020
* Now that the SIZE thing has stabilized, add it to the ports I maintain.Doug Barton2004-03-141-0/+1
| | | | Notes: svn path=/head/; revision=103917
* I specifically stated that I did not want to bump portepoch for this port.Doug Barton2003-10-281-1/+0
| | | | | | | | | | | | | I realize that my error in version numbering previously caused some confusion about 9.2.3 being a more up to date version than 9.2.3.4, but this will quickly be resolved with the next version, and affected only a few users who installed the release candidate. The portepoch change is permanent, and perpetuates a silly kludge for no good reason. Please do not change this again without discussing it with me. Notes: svn path=/head/; revision=92446
* Fix removal of the last digit in the version number issue.Edwin Groothuis2003-10-281-0/+1
| | | | | | | | | | [~/cvs/ports/dns/bind9] edwin@k7>pkg_version -t 9.2.3.4 9.2.3 > [~/cvs/ports/dns/bind9] edwin@k7>pkg_version -t 9.2.3.4 9.2.3,1 < Notes: svn path=/head/; revision=92427
* Upgrade to the 9.2.3 release versionDoug Barton2003-10-242-3/+3
| | | | Notes: svn path=/head/; revision=92089
* Unbreak(?) USE_OPENSSL support for people that don't have it in the baseDoug Barton2003-10-021-7/+2
| | | | | | | Submitted by: A cast of thousands Notes: svn path=/head/; revision=90058
* Upgrade to version 9.2.3rc4.Doug Barton2003-09-252-4/+4
| | | | | | | | | | | The 9.2.3 code has many many bugs fixed from 9.2.2, check CHANGES for more information. The rc4 code has the delegation-only options. Check the ARM for information on how to enable it. Notes: svn path=/head/; revision=89298
* DOCSDIR'ifyDoug Barton2003-09-251-26/+26
| | | | Notes: svn path=/head/; revision=89297
* Chase repocopies towards ports/dnsEdwin Groothuis2003-09-051-1/+1
| | | | | | | | | PR: ports/56020 Submitted by: Kimura Fuyuki <fuyuki@nigredo.org> Approved by: portmgr Notes: svn path=/head/; revision=88581
* Massive repo-copies request: net->dns (partly devel->dns)Edwin Groothuis2003-09-051-1/+1
| | | | | | | | | PR: ports/56020 Submitted by: Kimura Fuyuki <fuyuki@nigredo.org> Approved by: portmgr Notes: svn path=/head/; revision=88573
* Display the new pkg-message after port build.Doug Barton2003-06-071-0/+2
| | | | Notes: svn path=/head/; revision=82483
* Add a message to explain how to configure randomness, and rndc.Doug Barton2003-06-071-0/+22
| | | | Notes: svn path=/head/; revision=82480
* * Update to version 9.2.2, the latest from ISC. This version contains noDoug Barton2003-03-042-3/+4
| | | | | | | | | | new features compared to 9.2.1, only bug fixes. Users of BIND 9 are highly encouraged to upgrade. * Switch to Makefile COMMENT Notes: svn path=/head/; revision=76841
* Switch to Makefile commentDoug Barton2003-03-041-1/+0
| | | | Notes: svn path=/head/; revision=76840
* Add my name and e-mailDoug Barton2003-03-041-0/+3
| | | | Notes: svn path=/head/; revision=76839
* Upgrade to 9.2.2rc1. This version has been available for several months, andDoug Barton2003-01-263-24/+28
| | | | | | | | | | | | is widely considered to be more stable than 9.2.1. I would have preferred a -REL version, but better is better. * Clean up the Makefile a little * Just say no to threads * Add the PORT_REPLACES_BASE magic, similar to the bind8 port Notes: svn path=/head/; revision=74024
* typoYing-Chieh Liao2002-08-011-1/+1
| | | | | | | Submitted by: Kimura Fuyuki <fuyuki@hadaly.org> Notes: svn path=/head/; revision=63837
* add MASTER_SITE_ISC (1) and apply themYing-Chieh Liao2002-08-011-4/+2
| | | | | | | | PR: 41218 Submitted by: Kimura Fuyuki <fuyuki@hadaly.org> (1) Notes: svn path=/head/; revision=63835
* Update to the latest release versionDoug Barton2002-05-222-4/+4
| | | | Notes: svn path=/head/; revision=59668
* Upgrade to 9.2.1rc2, the latest from ISC. Numerous bugs were fixed,Doug Barton2002-04-082-4/+4
| | | | | | | see /usr/local/share/doc/bind9/CHANGES after installation for details. Notes: svn path=/head/; revision=57425
* Fix PORTVERSION so that wacky things don't happen down the road.Doug Barton2002-03-171-7/+9
| | | | | | | | | In my previous commit I forgot to mention that 'pkg_add -r bind' is only half the rationale for changing PORTNAME. The other half is so that people who really want to can 'pkg_add -r bind9'. Notes: svn path=/head/; revision=56263