1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-24 00:45:52 +00:00
freebsd-ports/dns/bind97/distinfo
Doug Barton 8a993c4fbb Update to version 9.7.2-P3, the latest from ISC, which addresses
the following security vulnerabilities.

For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories

1. Cache incorrectly allows ncache and rrsig for the same type

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613

   Affects resolver operators whose servers are open to potential
   attackers. Triggering the bug will cause the server to crash.

   This bug applies even if you do not have DNSSEC enabled.

2. Using "allow-query" in the "options" or "view" statements to
   restrict access to authoritative zones has no effect.

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615

   Affects authoritative server operators who wish to generally
   restrict queries to their authoritative zones, and are running
   9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized
   end users to receive answers to queries they should not.

3. Key algorithm rollover

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614

   Affects resolver operators who have 9.7.2-P2 installed,
   are validating with DNSSEC, and querying zones which are
   in a key rollover period. The bug will cause answers to
   incorrectly be marked as insecure.

For the port:
1. Add CONFLICT for the ../bind-tools port
2. Switch to pkg-install to create the symlinks to /etc/namedb/ as
   requested in [1]

PR:		ports/151635 [1]
Submitted by:	Benjamin Lee <ben@b1c1l1.com> [1]
2010-12-03 22:39:44 +00:00

5 lines
274 B
Plaintext

SHA256 (bind-9.7.2-P3.tar.gz) = cd945f4766be664f4528ec065df626ad3624481695316ec8e13ad272f4abfb7e
SIZE (bind-9.7.2-P3.tar.gz) = 7643996
SHA256 (bind-9.7.2-P3.tar.gz.asc) = 3f9047dbd123f211b8f9d6b7cbb53f9d6db3cd713a6fc144644b0d87a75afe93
SIZE (bind-9.7.2-P3.tar.gz.asc) = 481