From owner-svn-ports-all@freebsd.org  Wed Nov  2 06:38:50 2016
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id CBB9BC2B3D4;
 Wed,  2 Nov 2016 06:38:50 +0000 (UTC)
 (envelope-from delphij@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 880891C82;
 Wed,  2 Nov 2016 06:38:50 +0000 (UTC)
 (envelope-from delphij@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id uA26cnCF058855;
 Wed, 2 Nov 2016 06:38:49 GMT (envelope-from delphij@FreeBSD.org)
Received: (from delphij@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id uA26cmSO058846;
 Wed, 2 Nov 2016 06:38:48 GMT (envelope-from delphij@FreeBSD.org)
Message-Id: <201611020638.uA26cmSO058846@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: delphij set sender to
 delphij@FreeBSD.org using -f
From: Xin LI <delphij@FreeBSD.org>
Date: Wed, 2 Nov 2016 06:38:48 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r425115 - in head/dns: bind910 bind910/files bind911
 bind911/files bind99 bind99/files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 06:38:51 -0000

Author: delphij
Date: Wed Nov  2 06:38:48 2016
New Revision: 425115
URL: https://svnweb.freebsd.org/changeset/ports/425115

Log:
  Security update:
  
  dns/bind99:  9.9.9-P3  -> 9.9.9-P4
  dns/bind910: 9.10.4-P3 -> 9.10.4-P4
  dns/bind911: 9.11.0    -> 9.11.0-P1
  
  Security:	CVE-2016-8864
  Submitted by:	mat
  MFH:		2016Q4

Modified:
  head/dns/bind910/Makefile
  head/dns/bind910/distinfo
  head/dns/bind910/files/extrapatch-bind-min-override-ttl
  head/dns/bind911/Makefile
  head/dns/bind911/distinfo
  head/dns/bind911/files/extrapatch-bind-min-override-ttl
  head/dns/bind99/Makefile
  head/dns/bind99/distinfo
  head/dns/bind99/files/extrapatch-bind-min-override-ttl

Modified: head/dns/bind910/Makefile
==============================================================================
--- head/dns/bind910/Makefile	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind910/Makefile	Wed Nov  2 06:38:48 2016	(r425115)
@@ -29,7 +29,7 @@ COMMENT=	BIND DNS suite with updated DNS
 LICENSE=	ISCL
 
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.10.4-P3
+ISCVERSION=	9.10.4-P4
 
 USES=	cpe libedit
 

Modified: head/dns/bind910/distinfo
==============================================================================
--- head/dns/bind910/distinfo	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind910/distinfo	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1474631813
-SHA256 (bind-9.10.4-P3.tar.gz) = a075e5ce89fddccb0e64d1777d59161387dd5151cf4e7d1a93875a487812baef
-SIZE (bind-9.10.4-P3.tar.gz) = 9299078
+TIMESTAMP = 1477663379
+SHA256 (bind-9.10.4-P4.tar.gz) = a41ce7518e1d0faa40312cc89f4ca42246906b2718099d992e87a5d3ce9a9d86
+SIZE (bind-9.10.4-P4.tar.gz) = 9299638

Modified: head/dns/bind910/files/extrapatch-bind-min-override-ttl
==============================================================================
--- head/dns/bind910/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind910/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,4 +1,4 @@
---- bin/named/config.c.orig	2016-04-20 20:11:20 UTC
+--- bin/named/config.c.orig	2016-10-21 05:10:54 UTC
 +++ bin/named/config.c
 @@ -151,6 +151,8 @@ options {\n\
  	min-roots 2;\n\
@@ -9,7 +9,7 @@
  	max-cache-ttl 604800; /* 1 week */\n\
  	transfer-format many-answers;\n\
  	max-cache-size 0;\n\
---- bin/named/server.c.orig	2016-04-20 20:11:20 UTC
+--- bin/named/server.c.orig	2016-10-21 05:10:54 UTC
 +++ bin/named/server.c
 @@ -2802,6 +2802,16 @@ configure_view(dns_view_t *view, dns_vie
  	}
@@ -28,7 +28,7 @@
  	result = ns_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2016-04-20 20:11:20 UTC
+--- lib/dns/include/dns/view.h.orig	2016-10-21 05:10:54 UTC
 +++ lib/dns/include/dns/view.h
 @@ -150,6 +150,8 @@ struct dns_view {
  	isc_boolean_t			requestnsid;
@@ -39,9 +39,9 @@
  	dns_ttl_t			maxncachettl;
  	dns_ttl_t			prefetch_trigger;
  	dns_ttl_t			prefetch_eligible;
---- lib/dns/resolver.c.orig	2016-04-20 20:11:20 UTC
+--- lib/dns/resolver.c.orig	2016-10-21 05:10:54 UTC
 +++ lib/dns/resolver.c
-@@ -5371,6 +5371,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5373,6 +5373,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -60,7 +60,7 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl)
---- lib/isccfg/namedconf.c.orig	2016-04-20 20:11:20 UTC
+--- lib/isccfg/namedconf.c.orig	2016-10-21 05:10:54 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1572,6 +1572,8 @@ view_clauses[] = {
  #endif

Modified: head/dns/bind911/Makefile
==============================================================================
--- head/dns/bind911/Makefile	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind911/Makefile	Wed Nov  2 06:38:48 2016	(r425115)
@@ -29,7 +29,7 @@ COMMENT=	BIND DNS suite with updated DNS
 LICENSE=	MPL
 
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.11.0
+ISCVERSION=	9.11.0-P1
 
 USES=	cpe libedit
 

Modified: head/dns/bind911/distinfo
==============================================================================
--- head/dns/bind911/distinfo	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind911/distinfo	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1475620351
-SHA256 (bind-9.11.0.tar.gz) = 6f0b403036e0281b272a0fbdd0dc3417f3050b625cb059c5409432611418058b
-SIZE (bind-9.11.0.tar.gz) = 9789272
+TIMESTAMP = 1477663452
+SHA256 (bind-9.11.0-P1.tar.gz) = 094cd3134ba1b44f0910de1334f05a7dca68d583da038de40a8ad7a0cb1592c6
+SIZE (bind-9.11.0-P1.tar.gz) = 9673074

Modified: head/dns/bind911/files/extrapatch-bind-min-override-ttl
==============================================================================
--- head/dns/bind911/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind911/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,4 +1,4 @@
---- bin/named/config.c.orig	2016-08-30 11:01:49 UTC
+--- bin/named/config.c.orig	2016-10-21 05:13:38 UTC
 +++ bin/named/config.c
 @@ -154,6 +154,8 @@ options {\n\
  	lame-ttl 600;\n\
@@ -9,9 +9,9 @@
  	max-cache-ttl 604800; /* 1 week */\n\
  	transfer-format many-answers;\n\
  	max-cache-size 90%;\n\
---- bin/named/server.c.orig	2016-08-30 11:01:49 UTC
+--- bin/named/server.c.orig	2016-10-21 05:13:38 UTC
 +++ bin/named/server.c
-@@ -3637,6 +3637,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -3638,6 +3638,16 @@ configure_view(dns_view_t *view, dns_vie
  	}
  
  	obj = NULL;
@@ -28,7 +28,7 @@
  	result = ns_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2016-08-30 11:01:49 UTC
+--- lib/dns/include/dns/view.h.orig	2016-10-21 05:13:38 UTC
 +++ lib/dns/include/dns/view.h
 @@ -146,6 +146,8 @@ struct dns_view {
  	isc_boolean_t			requestnsid;
@@ -39,9 +39,9 @@
  	dns_ttl_t			maxncachettl;
  	isc_uint32_t			nta_lifetime;
  	isc_uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2016-08-30 11:01:49 UTC
+--- lib/dns/resolver.c.orig	2016-10-21 05:13:38 UTC
 +++ lib/dns/resolver.c
-@@ -5431,6 +5431,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5433,6 +5433,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -60,7 +60,7 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl)
---- lib/isccfg/namedconf.c.orig	2016-08-30 11:01:49 UTC
+--- lib/isccfg/namedconf.c.orig	2016-10-21 05:13:38 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1735,6 +1735,8 @@ view_clauses[] = {
  	{ "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE },

Modified: head/dns/bind99/Makefile
==============================================================================
--- head/dns/bind99/Makefile	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind99/Makefile	Wed Nov  2 06:38:48 2016	(r425115)
@@ -15,7 +15,7 @@ COMMENT=	BIND DNS suite with updated DNS
 LICENSE=	ISCL
 
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.9.9-P3
+ISCVERSION=	9.9.9-P4
 
 USES=	cpe libedit
 

Modified: head/dns/bind99/distinfo
==============================================================================
--- head/dns/bind99/distinfo	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind99/distinfo	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,5 +1,5 @@
-TIMESTAMP = 1474632756
-SHA256 (bind-9.9.9-P3.tar.gz) = d63befc221e305bc5cadf9018535e533ebb5a99dd8df69acf42191ecb58991e2
-SIZE (bind-9.9.9-P3.tar.gz) = 8764358
-SHA256 (9.9.9-P3-rpz2+rl.14038.05.patch.xz) = fffc64517aeabd0a9d51243e98b2fad725f98641cfa19e469c0a7b46e6bbc3c0
-SIZE (9.9.9-P3-rpz2+rl.14038.05.patch.xz) = 39308
+TIMESTAMP = 1477663203
+SHA256 (bind-9.9.9-P4.tar.gz) = fdd5120aea9bf5147c350fb2460bfe79c3f1bcc36baa863aee4e1a9de910f1e2
+SIZE (bind-9.9.9-P4.tar.gz) = 8764378
+SHA256 (9.9.9-P4-rpz2+rl.14038.05.patch.xz) = 6cc256dfc7895c9e3eac72465b43deaaba0a01e9f97c492eefc4fe4d80fac4aa
+SIZE (9.9.9-P4-rpz2+rl.14038.05.patch.xz) = 39308

Modified: head/dns/bind99/files/extrapatch-bind-min-override-ttl
==============================================================================
--- head/dns/bind99/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:25:39 2016	(r425114)
+++ head/dns/bind99/files/extrapatch-bind-min-override-ttl	Wed Nov  2 06:38:48 2016	(r425115)
@@ -1,4 +1,4 @@
---- bin/named/config.c.orig	2016-04-20 20:11:30 UTC
+--- bin/named/config.c.orig	2016-10-21 05:12:02 UTC
 +++ bin/named/config.c
 @@ -141,6 +141,8 @@ options {\n\
  	min-roots 2;\n\
@@ -9,7 +9,7 @@
  	max-cache-ttl 604800; /* 1 week */\n\
  	transfer-format many-answers;\n\
  	max-cache-size 0;\n\
---- bin/named/server.c.orig	2016-04-20 20:11:30 UTC
+--- bin/named/server.c.orig	2016-10-21 05:12:02 UTC
 +++ bin/named/server.c
 @@ -2559,6 +2559,16 @@ configure_view(dns_view_t *view, cfg_obj
  	}
@@ -28,7 +28,7 @@
  	result = ns_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2016-04-20 20:11:30 UTC
+--- lib/dns/include/dns/view.h.orig	2016-10-21 05:12:02 UTC
 +++ lib/dns/include/dns/view.h
 @@ -148,6 +148,8 @@ struct dns_view {
  	isc_boolean_t			provideixfr;
@@ -39,9 +39,9 @@
  	dns_ttl_t			maxncachettl;
  	in_port_t			dstport;
  	dns_aclenv_t			aclenv;
---- lib/dns/resolver.c.orig	2016-04-20 20:11:30 UTC
+--- lib/dns/resolver.c.orig	2016-10-21 05:12:02 UTC
 +++ lib/dns/resolver.c
-@@ -5114,6 +5114,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5116,6 +5116,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -60,7 +60,7 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl)
---- lib/isccfg/namedconf.c.orig	2016-04-20 20:11:30 UTC
+--- lib/isccfg/namedconf.c.orig	2016-10-21 05:12:02 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1459,6 +1459,8 @@ view_clauses[] = {
  	{ "lame-ttl", &cfg_type_uint32, 0 },