From 9b77b5a94274fd5adc704c1a800954fe17a1cc25 Mon Sep 17 00:00:00 2001 From: Doug Barton Date: Mon, 25 Jan 2010 00:25:08 +0000 Subject: Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address the following vulnerabilities: BIND 9 Cache Update from Additional Section https://www.isc.org/advisories/CVE-2009-4022v6 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 A nameserver with DNSSEC validation enabled may incorrectly add unauthenticated records to its cache that are received during the resolution of a recursive client query BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses https://www.isc.org/advisories/CVE-2010-0097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly These issues only affect systems with DNSSEC validation enabled. --- dns/bind95/Makefile | 4 ++-- dns/bind95/distinfo | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'dns/bind95') diff --git a/dns/bind95/Makefile b/dns/bind95/Makefile index 9d10f141e703..38d1ac726b42 100644 --- a/dns/bind95/Makefile +++ b/dns/bind95/Makefile @@ -12,7 +12,7 @@ # release you can generally build it cleanly from the source - Doug PORTNAME= bind95 -PORTVERSION= 9.5.2.1 +PORTVERSION= 9.5.2.2 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ http://dougbarton.us/Downloads/%SUBDIR%/ @@ -25,7 +25,7 @@ MAINTAINER= dougb@FreeBSD.org COMMENT= The BIND DNS suite with updated DNSSEC and threads # ISC releases things like 9.4.0b3, which our versioning doesn't like -ISCVERSION= 9.5.2-P1 +ISCVERSION= 9.5.2-P2 MAKE_JOBS_UNSAFE= yes diff --git a/dns/bind95/distinfo b/dns/bind95/distinfo index b57139971528..f5d2eec258f9 100644 --- a/dns/bind95/distinfo +++ b/dns/bind95/distinfo @@ -1,6 +1,6 @@ -MD5 (bind-9.5.2-P1.tar.gz) = e3c691aa8d6b1a7ad4691fbb49f3cc58 -SHA256 (bind-9.5.2-P1.tar.gz) = ad892a8914fe6765621e0fa01b4acec5cf5487157ce93734f3f7d47ecccae5a0 -SIZE (bind-9.5.2-P1.tar.gz) = 6799718 -MD5 (bind-9.5.2-P1.tar.gz.asc) = 21382fa45433a2272171e8e718824335 -SHA256 (bind-9.5.2-P1.tar.gz.asc) = 3600ed113c6ebd95e0d72fcd5bce9c238e29a9be8579e9110079db5dc440f491 -SIZE (bind-9.5.2-P1.tar.gz.asc) = 481 +MD5 (bind-9.5.2-P2.tar.gz) = 67f228a9083de7509dacd87256060afb +SHA256 (bind-9.5.2-P2.tar.gz) = 8d980a864c83212e4ab68675dd2bda5c6828b3785e7111142a0a83a0a4b63100 +SIZE (bind-9.5.2-P2.tar.gz) = 6674868 +MD5 (bind-9.5.2-P2.tar.gz.asc) = 4335c30ed5514381db789612523b4adf +SHA256 (bind-9.5.2-P2.tar.gz.asc) = 860e68fd3d7089521c8c280cf4ad8461c24c2704d4f7a85314e18c5914f44e0a +SIZE (bind-9.5.2-P2.tar.gz.asc) = 481 -- cgit v1.2.3