[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2 2008-08-04T08:20:37Z 2008-08-04T08:20:37Z rtr rtr 2008-08-04T08:20:37Z urn:sha1:0ce1d921ee098eaf351002da5dd8f4ecbf4dec80 bind9: update package for fixes revisions pulled up: pkgsrc/net/bind9/Makefile 1.102 pkgsrc/net/bind9/distinfo 1.38 Module Name: pkgsrc Committed By: adrianp Date: Sun Aug 3 18:41:45 UTC 2008 Modified Files: pkgsrc/net/bind9: Makefile distinfo Log Message: Changes since 9.4.2-P1: --- 9.4.2-P2 released --- 2406. [bug] Some operating systems have FD_SETSIZE set to a low value by default, which can cause resource exhaustion when many simultaneous connections are open. Linux in particular makes it difficult to increase this value. To use more sockets with select(), set ISC_SOCKET_FDSETSIZE. Example: STD_CDEFINES="-DISC_SOCKET_FDSETSIZE=4096" ./configure (This should not be necessary in most cases, and never for an authoritative-only server.) [RT #18328] 2404. [port] hpux: files unlimited support. 2403. [bug] TSIG context leak. [RT #18341] 2402. [port] Support Solaris 2.11 and over. [RT #18362] 2401. [bug] Expect to get E[MN]FILE errno internal_accept() (from accept() or fcntl() system calls). [RT #18358] 2399. [bug] Abort timeout queries to reduce the number of open UDP sockets. [RT #18367] 2398. [bug] Improve file descriptor management. New, temporary, named.conf option reserved-sockets, default 512. [RT #18344] 2396. [bug] Don't set SO_REUSEADDR for randomized ports. [RT #18336] 2395. [port] Avoid warning and no effect from "files unlimited" on Linux when running as root. [RT #18335] 2394. [bug] Default configuration options set the limit for open files to 'unlimited' as described in the documentation. [RT #18331] 2392. [bug] remove 'grep -q' from acl test script, some platforms don't support it. [RT #18253] 2322. [port] MacOS: work around the limitation of setrlimit() for RLIMIT_NOFILE. [RT #17526] 2008-07-10T21:05:30Z adrianp adrianp 2008-07-10T21:05:30Z urn:sha1:95065f3242151a4d6304f64490cb974b67c9c557 Please see CHANGES for all the details but the driving factor of this update is: 2375. [security] Fully randomize UDP query ports to improve forgery resilience. [RT #17949] 2008-06-21T22:13:22Z adrianp adrianp 2008-06-21T22:13:22Z urn:sha1:fdf3e8dafc66e998b5a9e0e94216e8af9cf11f3a 2008-06-20T01:09:05Z joerg joerg 2008-06-20T01:09:05Z urn:sha1:d8368bbc25c90072a19b5e48f0fba26251b6877f 2008-05-26T02:13:14Z joerg joerg 2008-05-26T02:13:14Z urn:sha1:2374ca422f2eb8b46ed600c7bb21740b2865d899 many packages used to use ${PAX}. Use the common way of directly calling pax, it is created as tool after all. 2008-05-11T00:00:57Z tonnerre tonnerre 2008-05-11T00:00:57Z urn:sha1:fc7b514ec25e334623bcb6d9a74f9960dfe523b1 check can be abused for implementation specific exploitation: depending on the use of libbind, this can result in denial of service or even remote code execution. 2008-04-12T22:42:57Z jlam jlam 2008-04-12T22:42:57Z urn:sha1:84db467ec7c8386066718011f8d47775d5608811 through PLIST_SUBST to the plist module. 2008-01-18T05:06:18Z tnn tnn 2008-01-18T05:06:18Z urn:sha1:1c8e24b168b5909ecc586bdbb660570b490d92ef on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@ 2007-09-07T22:12:10Z jlam jlam 2007-09-07T22:12:10Z urn:sha1:2f517bc25c1dfd477877da169af65a161a689211 and to support the "inet6" option instead. Remaining usage of USE_INET6 was solely for the benefit of the scripts that generate the README.html files. Replace: BUILD_DEFS+= USE_INET6 with BUILD_DEFS+= IPV6_READY and teach the README-generation tools to look for that instead. This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code to continue to support USE_INET6 for pkgsrc-wip until it has been nuked from there as well. 2007-08-08T18:32:45Z reed reed 2007-08-08T18:32:45Z urn:sha1:c9f17310aeef9c56ce172f81789166e641ebdb72 "dragonfly" this may change the build.