diff options
| author | spz <spz@pkgsrc.org> | 2010-01-21 19:42:16 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2010-01-21 19:42:16 +0000 |
| commit | db2414ddb5c8a14b91cfaf151ae72fb0601dff78 (patch) | |
| tree | 111ac6d3318fb0d33cd5de53a868243f33f03462 /net | |
| parent | 9bd3f726fd61298a8f4e150dfee30cf185ede76c (diff) | |
| download | pkgsrc-db2414ddb5c8a14b91cfaf151ae72fb0601dff78.tar.gz | |
security update:
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
Diffstat (limited to 'net')
| -rw-r--r-- | net/bind95/Makefile | 5 | ||||
| -rw-r--r-- | net/bind95/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/net/bind95/Makefile b/net/bind95/Makefile index 5296c252044..bb97183697a 100644 --- a/net/bind95/Makefile +++ b/net/bind95/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.15 2010/01/17 12:02:30 wiz Exp $ +# $NetBSD: Makefile,v 1.16 2010/01/21 19:42:16 spz Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME:S/-P/pl/} -PKGREVISION= 2 CATEGORIES= net MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \ http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/ @@ -17,7 +16,7 @@ CONFLICTS+= bind>=9.6.0 PKG_DESTDIR_SUPPORT= user-destdir MAKE_JOBS_SAFE= no -BIND_VERSION= 9.5.2-P1 +BIND_VERSION= 9.5.2-P2 # IPv6 ready, automatically detected .include "../../mk/bsd.prefs.mk" diff --git a/net/bind95/distinfo b/net/bind95/distinfo index 3f61f7857b8..866b2418704 100644 --- a/net/bind95/distinfo +++ b/net/bind95/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.11 2009/11/30 11:58:30 tron Exp $ +$NetBSD: distinfo,v 1.12 2010/01/21 19:42:16 spz Exp $ -SHA1 (bind-9.5.2-P1.tar.gz) = 532d448554601cec13a645df812638d46fd41743 -RMD160 (bind-9.5.2-P1.tar.gz) = 2e2872a06fc1d97e4bcecaea3fb4f009f83cdb2b -Size (bind-9.5.2-P1.tar.gz) = 6799718 bytes +SHA1 (bind-9.5.2-P2.tar.gz) = ffa6df6752976e6bdd05508c5cc5131ef9a097f1 +RMD160 (bind-9.5.2-P2.tar.gz) = a0864dadb1af7268a0c54fed3bc178bd17abb55c +Size (bind-9.5.2-P2.tar.gz) = 6674868 bytes SHA1 (patch-ab) = dd12c457791a75a8b43d9dfd0c0b236dcdbe31a5 SHA1 (patch-ac) = a2c24198044f8cf29198e08a1a10b7e4ea739c40 SHA1 (patch-ad) = 5c8af5a826e4f6891dfdf949b8a541ee33e16c3e |