src-test2/contrib/bind9/README, branch stable/6FreeBSD source treehttps://cgit-dev.freebsd.org/src-test2/atom?h=stable%2F62009-01-10T04:30:27ZMerge from vendor/bind9/dist-9.3 as of the 9.3.6-P1 import2009-01-10T04:30:27ZDoug Bartondougb@FreeBSD.org2009-01-10T04:30:27Zurn:sha1:c26f2738807f29834e091b2fb13a229011884161Update to version 9.3.5. It contains the latest bug fixes, updates2008-06-03T05:38:10ZDoug Bartondougb@FreeBSD.org2008-06-03T05:38:10Zurn:sha1:10e8d52e884dd8d7592baddbb08a4cf7547d5c1e
to root server addresses, and a fix for the vulnerability mentioned
here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122
Users of BIND 9.3.x are strongly encouraged to upgrade to this
version. Also, the 9.3.x branch is now in maintenance-only mode.
Users are encouraged to investigate BIND 9.4.x or perhaps 9.5.x.
http://www.isc.org/index.pl?/sw/bind/versions_and_support.php
This udpate is being done by updating the files directly in this
branch rather than an import + MFC because BIND in HEAD is 9.4.x.
Update to 9.3.4-P1, which fixes the following:2007-07-25T08:24:40ZDoug Bartondougb@FreeBSD.org2007-07-25T08:24:40Zurn:sha1:58a7459b817ff9c684f42fd811dc4d8ded9c3b45
The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
MFC the upgrade to BIND 9.3.42007-02-07T00:46:35ZDoug Bartondougb@FreeBSD.org2007-02-07T00:46:35Zurn:sha1:b5ffb43644045b7dad19856fa8439daef78f1e3fMFC upgrade to version 9.3.32006-12-13T09:47:02ZDoug Bartondougb@FreeBSD.org2006-12-13T09:47:02Zurn:sha1:74fd60d0b2333c395281acd70ef19a37a95dc2b1
Approved by: re (kensmith)
MFC import of BIND 9.3.22006-01-14T10:13:50ZDoug Bartondougb@FreeBSD.org2006-01-14T10:13:50Zurn:sha1:41ecb87b06112f5c5ec1c81deb735501a6e8133eVendor import of BIND 9.3.12005-03-17T08:04:02ZDoug Bartondougb@FreeBSD.org2005-03-17T08:04:02Zurn:sha1:6bc6438a36e1c5d65a4752b125d5fb5cf8015879Vender import of BIND 9.3.0rc4.2004-09-19T01:30:24ZTom Rhodestrhodes@FreeBSD.org2004-09-19T01:30:24Zurn:sha1:b1e4bd53e00e9694dd378a884abd3f2dd790190d