From owner-cvs-ports@FreeBSD.ORG  Fri Jan 28 20:47:45 2005
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3413D16A4CE; Fri, 28 Jan 2005 20:47:45 +0000 (GMT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2044543D2F; Fri, 28 Jan 2005 20:47:45 +0000 (GMT)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j0SKlju2056579;
	Fri, 28 Jan 2005 20:47:45 GMT
	(envelope-from dougb@repoman.freebsd.org)
Received: (from dougb@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j0SKljjP056578;
	Fri, 28 Jan 2005 20:47:45 GMT
	(envelope-from dougb)
Message-Id: <200501282047.j0SKljjP056578@repoman.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Fri, 28 Jan 2005 20:47:44 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: ports/dns/bind9 Makefile distinfo
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jan 2005 20:47:45 -0000

dougb       2005-01-28 20:47:44 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind9            Makefile distinfo 
  Log:
  Include a patch from ISC to deal with the following vulnerability:
  
  Name:                   BIND: Self Check Failing [Added 2005.25.01]
  Versions affected:      BIND 9.3.0
  Severity:               LOW
  Exploitable:            Remotely
  Type:                   Denial of Service
  Description:
  An incorrect assumption in the validator (authvalidated) can result in a
  REQUIRE (internal consistancy) test failing and named exiting.
  
  Workarounds:
  Turn off dnssec validation (off by default) at the options/view level.
  
          dnssec-enable no;
  
  Active Exploits:        None known
  
  Bump PORTREVISION accordingly.
  
  It should be noted that the vast majority of users would not have
  DNSSEC enabled, and therefore are not vulnerable to this bug.
  
  Revision  Changes    Path
  1.61      +9 -1      ports/dns/bind9/Makefile
  1.34      +4 -0      ports/dns/bind9/distinfo