From owner-cvs-all@FreeBSD.ORG  Mon Jan 25 00:25:09 2010
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 025B51065670;
	Mon, 25 Jan 2010 00:25:09 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id E5A9F8FC15;
	Mon, 25 Jan 2010 00:25:08 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o0P0P8jU036179;
	Mon, 25 Jan 2010 00:25:08 GMT
	(envelope-from dougb@repoman.freebsd.org)
Received: (from dougb@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o0P0P8m8036178;
	Mon, 25 Jan 2010 00:25:08 GMT (envelope-from dougb)
Message-Id: <201001250025.o0P0P8m8036178@repoman.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Mon, 25 Jan 2010 00:25:08 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/dns/bind94 Makefile distinfo ports/dns/bind95
 Makefile distinfo ports/dns/bind96 Makefile distinfo
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the entire tree
	<cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2010 00:25:09 -0000

dougb       2010-01-25 00:25:08 UTC

  FreeBSD ports repository

  Modified files:
    dns/bind94           Makefile distinfo 
    dns/bind95           Makefile distinfo 
    dns/bind96           Makefile distinfo 
  Log:
  Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions address
  the following vulnerabilities:
  
  BIND 9 Cache Update from Additional Section
  https://www.isc.org/advisories/CVE-2009-4022v6
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
  A nameserver with DNSSEC validation enabled may incorrectly add
  unauthenticated records to its cache that are received during the
  resolution of a recursive client query
  
  BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
  https://www.isc.org/advisories/CVE-2010-0097
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
  There was an error in the DNSSEC NSEC/NSEC3 validation code that could
  cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
  proven by NSEC or NSEC3 to exist) to be cached as if they had validated
  correctly
  
  These issues only affect systems with DNSSEC validation enabled.
  
  Revision  Changes    Path
  1.103     +2 -2      ports/dns/bind94/Makefile
  1.58      +6 -9      ports/dns/bind94/distinfo
  1.107     +2 -2      ports/dns/bind95/Makefile
  1.59      +6 -6      ports/dns/bind95/distinfo
  1.107     +2 -2      ports/dns/bind96/Makefile
  1.60      +6 -6      ports/dns/bind96/distinfo