![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / net / bind914
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.26, Tue Sep 1 14:14:53 2020 UTC (3 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: HEAD
Changes since 1.25: +1 -1
lines
FILE REMOVED
net/bind914: remove package Remove bind914 package since it is EOL, May, 2020.
Revision 1.25 / (download) - annotate - [select for diffs], Mon Aug 31 18:10:31 2020 UTC (3 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored)
*: bump PKGREVISION for perl-5.32.
Revision 1.24 / (download) - annotate - [select for diffs], Tue Jun 2 08:24:29 2020 UTC (3 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.23: +2 -1
lines
Diff to previous 1.23 (colored)
Revbump for icu
Revision 1.23 / (download) - annotate - [select for diffs], Sat May 30 14:21:31 2020 UTC (3 years, 4 months ago) by taca
Branch: MAIN
Changes since 1.22: +2 -1
lines
Diff to previous 1.22 (colored)
net/bind914: fix build problem if PKG_DEVELOPER is enabled There was build problem after pkg-config was aded to USE_TOOLS if PKG_DEVELOPER is enabled, causing WRKDIR reference. Fix method is dirty (or quick) hack.
Revision 1.22 / (download) - annotate - [select for diffs], Thu May 21 12:45:47 2020 UTC (3 years, 4 months ago) by jperkin
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
bind*: Require pkg-config.
Revision 1.20.2.1 / (download) - annotate - [select for diffs], Wed May 20 19:42:25 2020 UTC (3 years, 4 months ago) by bsiegert
Branch: pkgsrc-2020Q1
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored) next main 1.21 (colored)
Pullup ticket #6209 - requested by taca net/bind914: security fix Revisions pulled up: - net/bind914/Makefile 1.21 - net/bind914/distinfo 1.15 --- Module Name: pkgsrc Committed By: taca Date: Tue May 19 10:23:04 UTC 2020 Modified Files: pkgsrc/net/bind914: Makefile distinfo Log Message: net/bind914: update to 9.14.12 Update bind914 to 9.14.12 (BIND 9.14.12). Note from release announce: BIND 9.14.12 is the final planned release in the now End-of-Life (EOL) 9.14 branch. --- 9.14.12 released --- 5395. [security] Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server address records are limited to 4 for any domain. (CVE-2020-8616) [GL #1388] 5390. [security] Replaying a TSIG BADTIME response as a request could trigger an assertion failure. (CVE-2020-8617) [GL #1703] 5376. [bug] Fix ineffective DNS rebinding protection when BIND is configured as a forwarding DNS server. Thanks to Tobias Klein. [GL #1574] 5358. [bug] Inline master zones whose master files were touched but otherwise unchanged and were subsequently reloaded may have stopped re-signing. [GL !3135] 5357. [bug] Newly added RRSIG records with expiry times before the previous earliest expiry times might not be re-signed in time. This was a side effect of 5315. [GL !3137]
Revision 1.21 / (download) - annotate - [select for diffs], Tue May 19 10:23:03 2020 UTC (3 years, 4 months ago) by taca
Branch: MAIN
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored)
net/bind914: update to 9.14.12 Update bind914 to 9.14.12 (BIND 9.14.12). Note from release announce: BIND 9.14.12 is the final planned release in the now End-of-Life (EOL) 9.14 branch. --- 9.14.12 released --- 5395. [security] Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server address records are limited to 4 for any domain. (CVE-2020-8616) [GL #1388] 5390. [security] Replaying a TSIG BADTIME response as a request could trigger an assertion failure. (CVE-2020-8617) [GL #1703] 5376. [bug] Fix ineffective DNS rebinding protection when BIND is configured as a forwarding DNS server. Thanks to Tobias Klein. [GL #1574] 5358. [bug] Inline master zones whose master files were touched but otherwise unchanged and were subsequently reloaded may have stopped re-signing. [GL !3135] 5357. [bug] Newly added RRSIG records with expiry times before the previous earliest expiry times might not be re-signed in time. This was a side effect of 5315. [GL !3137]
Revision 1.20 / (download) - annotate - [select for diffs], Thu Mar 26 13:54:35 2020 UTC (3 years, 6 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base
Branch point for: pkgsrc-2020Q1
Changes since 1.19: +5 -1
lines
Diff to previous 1.19 (colored)
bind914: Disable Linux capabilities if there's no sys/capability.h
Revision 1.19 / (download) - annotate - [select for diffs], Thu Feb 20 16:37:06 2020 UTC (3 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.18: +2 -2
lines
Diff to previous 1.18 (colored)
net/bind914: update to 9.14.11 Update bind914 to 9.14.11 (BIND 9.14.11). --- 9.14.11 released --- 5353. [doc] Document port and dscp parameters in forwarders configuration option. [GL #914] 5352. [bug] Correctly handle catalog zone entries containing characters that aren't legal in filenames. [GL #1592] 5351. [bug] CDS / CDNSKEY consistency checks failed to handle removal records. [GL #1554] 5350. [bug] When a view was configured with class CHAOS, the server could crash while processing a query for a non-existent record. [GL #1540] 5348. [bug] dnssec-settime -Psync was not being honoured. [GL !2925]
Revision 1.18 / (download) - annotate - [select for diffs], Thu Jan 23 08:00:55 2020 UTC (3 years, 8 months ago) by taca
Branch: MAIN
Changes since 1.17: +3 -4
lines
Diff to previous 1.17 (colored)
net/bind914: update to 9.14.10 Update bind914 to 9.14.10 (BIND 9.14.10). pkgsrc change: update HOMEPAGE to use https URL. --- 9.14.10 released --- 5339. [bug] With some libmaxminddb versions, named could erroneously match an IP address not belonging to any subnet defined in a given GeoIP2 database to one of the existing entries in that database. [GL #1552] 5338. [bug] Fix line spacing in `rndc secroots`. Thanks to Tony Finch. [GL !2478] 5337. [func] 'named -V' now reports maxminddb and protobuf-c versions. [GL !2686]
Revision 1.17 / (download) - annotate - [select for diffs], Sat Jan 18 21:50:10 2020 UTC (3 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.16: +2 -1
lines
Diff to previous 1.16 (colored)
*: Recursive revision bump for openssl 1.1.1.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Jan 8 10:18:53 2020 UTC (3 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored)
bind914: Explicitly disable epoll on SunOS.
Revision 1.15 / (download) - annotate - [select for diffs], Sat Jan 4 10:10:02 2020 UTC (3 years, 9 months ago) by taca
Branch: MAIN
Changes since 1.14: +2 -2
lines
Diff to previous 1.14 (colored)
net/bind914: update to 9.14.9
Update bind914 to 9.14.9 (BIND 9.14.9).
--- 9.14.9 released ---
5330. [bug] 'configure --without-python' was ineffective if
PYTHON was set in the environment. [GL #1434]
5329. [bug] Reconfiguring named caused memory to be leaked when any
GeoIP2 database was in use. [GL #1445]
5328. [bug] rbtdb.c:rdataset_{get,set}ownercase failed to obtain
a node lock. [GL #1417]
5327. [func] Added a statistics counter to track queries
dropped because the recursive-clients quota was
exceeded. [GL #1399]
5326. [bug] Add python dependancy on 'distutils.core' to configure.
'distutils.core' is required for installation.
[GL #1397]
5321. [bug] Obtain write lock before updating version->records
and version->bytes. [GL #1341]
Revision 1.14 / (download) - annotate - [select for diffs], Thu Nov 21 05:37:06 2019 UTC (3 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored)
net/bind914: update to 9.14.8
Update bind914 to 9.14.8. It includes fix for CVS-2019-6477.
--- 9.14.8 released ---
5315. [bug] Apply the inital RRSIG expiration spread fixed
to all dynamically created records in the zone
including NSEC3. Also fix the signature clusters
when the server has been offline for prolonged
period of times. [GL #1256]
5314. [func] Added a new statistics variable "tcp-highwater"
that reports the maximum number of simultaneous TCP
clients BIND has handled while running. [GL #1206]
5313. [bug] The default GeoIP2 database location did not match
the ARM. 'named -V' now reports the default
location. [GL #1301]
5310. [bug] TCP failures were affecting EDNS statistics. [GL #1059]
5308. [bug] Don't log DNS_R_UNCHANGED from sync_secure_journal()
at ERROR level in receive_secure_serial(). [GL #1288]
5307. [bug] Fix hang when named-compilezone output is sent to pipe.
Thanks to Tony Finch. [GL !2481]
5306. [security] Set a limit on the number of concurrently served
pipelined TCP queries. (CVE-2019-6477) [GL #1264]
5305. [bug] NSEC Aggressive Cache ("synth-from-dnssec") has been
disabled by default because it was found to have
a significant performance impact on the recursive
service. [GL #1265]
5304. [bug] "dnskey-sig-validity 0;" was not being accepted.
[GL #876]
5302. [bug] Fix checking that "dnstap-output" is defined when
"dnstap" is specified in a view. [GL #1281]
5301. [bug] Detect partial prefixes / incomplete IPv4 address in
acls. [GL #1143]
Revision 1.13 / (download) - annotate - [select for diffs], Sun Nov 3 11:45:30 2019 UTC (3 years, 11 months ago) by rillig
Branch: MAIN
Changes since 1.12: +7 -7
lines
Diff to previous 1.12 (colored)
net: align variable assignments pkglint -Wall -F --only aligned --only indent -r No manual corrections.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Oct 24 12:50:36 2019 UTC (3 years, 11 months ago) by otis
Branch: MAIN
Changes since 1.11: +4 -1
lines
Diff to previous 1.11 (colored)
bind914: Fix build on SmartOS SmartOS requires _XOPEN_SOURCE for various macros and functions (CMSG_DATA() et al.)
Revision 1.10.2.1 / (download) - annotate - [select for diffs], Fri Oct 18 14:26:06 2019 UTC (3 years, 11 months ago) by bsiegert
Branch: pkgsrc-2019Q3
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored) next main 1.11 (colored)
Pullup ticket #6070 - requested by maya net/bind914: security fix Revisions pulled up: - net/bind914/Makefile 1.11 - net/bind914/distinfo 1.9 --- Module Name: pkgsrc Committed By: maya Date: Wed Oct 16 20:51:59 UTC 2019 Modified Files: pkgsrc/net/bind914: Makefile distinfo Log Message: bind914: update to 9.14.7. security fix. --- 9.14.7 released --- 5299. [security] A flaw in DNSSEC verification when transferring mirror zones could allow data to be incorrectly marked valid. (CVE-2019-6475) [GL #1252] 5298. [security] Named could assert if a forwarder returned a referral, rather than resolving the query, when QNAME minimization was enabled. (CVE-2019-6476) [GL #1051] 5297. [bug] Check whether a previous QNAME minimization fetch is still running before starting a new one; return SERVFAIL and log an error if so. [GL #1191] 5294. [func] Fallback to ACE name on output in locale, which does not support converting it to unicode. [GL #846] 5293. [bug] On Windows, named crashed upon any attempt to fetch XML statistics from it. [GL #1245] 5292. [bug] Queue 'rndc nsec3param' requests while signing inline zone changes. [GL #1205] --- 9.14.6 released --- 5289. [bug] Address NULL pointer dereference in rpz.c:rpz_detach. [GL #1210] 5286. [contrib] Address potential NULL pointer dereferences in dlz_mysqldyn_mod.c. [GL #1207] 5285. [port] win32: implement "-T maxudpXXX". [GL #837] 5283. [bug] When a response-policy zone expires, ensure that its policies are removed from the RPZ summary database. [GL #1146] 5282. [bug] Fixed a bug in searching for possible wildcard matches for query names in the RPZ summary database. [GL #1146] 5281. [cleanup] Don't escape commas when reporting named's command line. [GL #1189] 5280. [protocol] Add support for displaying EDNS option LLQ. [GL #1201] 5279. [bug] When loading, reject zones containing CDS or CDNSKEY RRsets at the zone apex if they would cause DNSSEC validation failures if published in the parent zone as the DS RRset. [GL #1187]
Revision 1.11 / (download) - annotate - [select for diffs], Wed Oct 16 20:51:59 2019 UTC (3 years, 11 months ago) by maya
Branch: MAIN
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored)
bind914: update to 9.14.7. security fix. --- 9.14.7 released --- 5299. [security] A flaw in DNSSEC verification when transferring mirror zones could allow data to be incorrectly marked valid. (CVE-2019-6475) [GL #1252] 5298. [security] Named could assert if a forwarder returned a referral, rather than resolving the query, when QNAME minimization was enabled. (CVE-2019-6476) [GL #1051] 5297. [bug] Check whether a previous QNAME minimization fetch is still running before starting a new one; return SERVFAIL and log an error if so. [GL #1191] 5294. [func] Fallback to ACE name on output in locale, which does not support converting it to unicode. [GL #846] 5293. [bug] On Windows, named crashed upon any attempt to fetch XML statistics from it. [GL #1245] 5292. [bug] Queue 'rndc nsec3param' requests while signing inline zone changes. [GL #1205] --- 9.14.6 released --- 5289. [bug] Address NULL pointer dereference in rpz.c:rpz_detach. [GL #1210] 5286. [contrib] Address potential NULL pointer dereferences in dlz_mysqldyn_mod.c. [GL #1207] 5285. [port] win32: implement "-T maxudpXXX". [GL #837] 5283. [bug] When a response-policy zone expires, ensure that its policies are removed from the RPZ summary database. [GL #1146] 5282. [bug] Fixed a bug in searching for possible wildcard matches for query names in the RPZ summary database. [GL #1146] 5281. [cleanup] Don't escape commas when reporting named's command line. [GL #1189] 5280. [protocol] Add support for displaying EDNS option LLQ. [GL #1201] 5279. [bug] When loading, reject zones containing CDS or CDNSKEY RRsets at the zone apex if they would cause DNSSEC validation failures if published in the parent zone as the DS RRset. [GL #1187]
Revision 1.10 / (download) - annotate - [select for diffs], Wed Sep 18 15:19:31 2019 UTC (4 years ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base
Branch point for: pkgsrc-2019Q3
Changes since 1.9: +2 -3
lines
Diff to previous 1.9 (colored)
net/bind914: update to 9.14.5 Update bind914 to 9.14.5 (BIND 9.14.5). --- 9.14.5 released --- 5277. [bug] Cache DB statistics could underflow when serve-stale was in use, because of a bug in counter maintenance when RRsets become stale. Functions for dumping statistics have been updated to dump active, stale, and ancient statistic counters. Ancient RRset counters are prefixed with '~'; stale RRset counters are still prefixed with '#'. [GL #602] 5275. [bug] Mark DS records included in referral messages with trust level "pending" so that they can be validated and cached immediately, with no need to re-query. [GL #964] 5274. [bug] Address potential use after free race when shutting down rpz. [GL #1175] 5273. [bug] Check that bits [64..71] of a dns64 prefix are zero. [GL #1159] 5269. [port] cygwin: can return ETIMEDOUT on connect() with a non-blocking socket. [GL #1133] 5268. [bug] named could crash during configuration if configured to use "geoip continent" ACLs with legacy GeoIP. [GL #1163] 5266. [bug] named-checkconf failed to report dnstap-output missing from named.conf when dnstap was specified. [GL #1136] 5265. [bug] DNS64 and RPZ nodata (CNAME *.) rules interacted badly [GL #1106] 5264. [func] New DNS Cookie algorithm - siphash24 - has been added to BIND 9. [GL #605] 5236. [func] Add SipHash 2-4 implementation in lib/isc/siphash.c and switch isc_hash_function() to use SipHash 2-4. [GL #605]
Revision 1.9 / (download) - annotate - [select for diffs], Sun Aug 11 13:22:07 2019 UTC (4 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.8: +2 -1
lines
Diff to previous 1.8 (colored)
Bump PKGREVISIONs for perl 5.30.0
Revision 1.8 / (download) - annotate - [select for diffs], Thu Jul 18 03:02:02 2019 UTC (4 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.7: +2 -3
lines
Diff to previous 1.7 (colored)
net/bind914: update to 9.14.4 Update bind914 to 9.14.4. --- 9.14.4 released --- 5260. [bug] dnstap-read was producing malformed output for large packets. [GL #1093] 5258. [func] Added support for the GeoIP2 API from MaxMind, when BIND is compiled using "configure --with-geoip2". The legacy GeoIP API can be enabled by using "configure --with-geoip" instead. These options cannot be used together. Certain geoip ACL settings that were available with legacy GeoIP are not available when using GeoIP2. See the ARM for details. [GL #182] 5257. [bug] Some statistics data was not being displayed. Add shading to the zone tables. [GL #1030] 5256. [bug] Ensure that glue records are included in root priming responses if "minimal-responses" is not set to "yes". [GL #1092] 5255. [bug] Errors encountered while reloading inline-signing zones could be ignored, causing the zone content to be left in an incompletely updated state rather than reverted. [GL #1109] 5254. [func] Collect metrics to report to the statistics-channel DNSSEC signing operations (dnssec-sign) and refresh operations (dnssec-refresh) per zone and per keytag. [GL #513] 5253. [port] Support platforms that don't define ULLONG_MAX. [GL #1098] 5251. [bug] Statistics were broken in x86 Windows builds. [GL #1081] 5249. [bug] Fix a possible underflow in recursion clients statistics when hitting recursive clients soft quota. [GL #1067]
Revision 1.7 / (download) - annotate - [select for diffs], Fri Jun 28 17:01:30 2019 UTC (4 years, 3 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.6: +2 -1
lines
Diff to previous 1.6 (colored)
bind*: Remove privileges from SMF method script. This inadvertently opened up the named process to more privileges than necessary and could be considered a security risk. This may affect chroot support, adding back in support for that will need to be done carefully. Bump PKGREVISIONs.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Jun 20 02:16:53 2019 UTC (4 years, 3 months ago) by taca
Branch: MAIN
Changes since 1.5: +2 -3
lines
Diff to previous 1.5 (colored)
net/bind914: update to 9.14.3 Update bind914 to 9.14.3 (BIND 9.14.3). --- 9.14.3 released --- 5244. [security] Fixed a race condition in dns_dispatch_getnext() that could cause an assertion failure if a significant number of incoming packets were rejected. (CVE-2019-6471) [GL #942] 5243. [bug] Fix a possible race between dispatcher and socket code in a high-load cold-cache resolver scenario. [GL #943] 5242. [bug] In relaxed qname minimizatiom mode, fall back to normal resolution when encountering a lame delegation, and use _.domain/A queries rather than domain/NS. [GL #1055] 5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs. [GL #225] 5240. [bug] Remove key id calculation for RSAMD5. [GL #996] 5238. [bug] Fix a possible deadlock in TCP code. [GL #1046] 5237. [bug] Recurse to find the root server list with 'dig +trace'. [GL #1028] 5234. [port] arm: just use the compiler's default support for yield. [GL #981]
Revision 1.5 / (download) - annotate - [select for diffs], Fri Jun 14 16:14:05 2019 UTC (4 years, 3 months ago) by taca
Branch: MAIN
Changes since 1.4: +2 -1
lines
Diff to previous 1.4 (colored)
net/bind914: fix runtime problem Fix runtime problem by removing extra (fdwatch) from NetBSD current. Bump PKGREVISION.
Revision 1.4 / (download) - annotate - [select for diffs], Mon May 20 16:31:08 2019 UTC (4 years, 4 months ago) by taca
Branch: MAIN
Changes since 1.3: +2 -4
lines
Diff to previous 1.3 (colored)
net/bind914: update to 9.14.2 pkgsrc change: remove "USE_CWRAPPERS=no". --- 9.14.2 released --- 5233. [bug] Negative trust anchors did not work with "forward only;" to validating resolvers. [GL #997] 5231. [protocol] Add support for displaying CLIENT-TAG and SERVER-TAG. [GL #960] 5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852] 5228. [cleanup] If trusted-keys and managed-keys are configured simultaneously for the same name, the key cannot be rolled automatically. This configuration now logs a warning. [GL #868] 5224. [bug] Only test provide-ixfr on TCP streams. [GL #991] 5223. [bug] Fixed a race in the filter-aaaa plugin accessing the hash table. [GL #1005] 5222. [bug] 'delv -t ANY' could leak memory. [GL #983] 5221. [test] Enable parallel execution of system tests on Windows. [GL !4101] 5220. [cleanup] Refactor the isc_stat structure to take advantage of stdatomic. [GL !1493] 5219. [bug] Fixed a race in the filter-aaaa plugin that could trigger a crash when returning an instance object to the memory pool. [GL #982] 5218. [bug] Conditionally include <dlfcn.h>. [GL #995] 5217. [bug] Restore key id calculation for RSAMD5. [GL #996] 5216. [bug] Fetches-per-zone counter wasn't updated correctly when doing qname minimization. [GL #992] 5215. [bug] Change #5124 was incomplete; named could still return FORMERR instead of SERVFAIL in some cases. [GL #990] 5214. [bug] win32: named now removes its lock file upon shutdown. [GL #979] 5213. [bug] win32: Eliminated a race which allowed named.exe running as a service to be killed prematurely during shutdown. [GL #978] 5211. [bug] Allow out-of-zone additional data to be included in authoritative responses if recursion is allowed and "minimal-responses" is disabled. This behavior was inadvertently removed in change #4605. [GL #817] 5210. [bug] When dnstap is enabled and recursion is not available, incoming queries are now logged as "auth". Previously, this depended on whether recursion was requested by the client, not on whether recursion was available. [GL #963] 5209. [bug] When update-check-ksk is true, add_sigs was not considering offline keys, leaving record sets signed with the incorrect type key. [GL #763] 5208. [test] Run valid rdata wire encodings through totext+fromtext and tofmttext+fromtext methods to check these methods. [GL #899] 5207. [test] Check delv and dig TTL values. [GL #965] 5206. [bug] Delv could print out bad TTLs. [GL #965] 5205. [bug] Enforce that a DS hash exists. [GL #899] 5204. [test] Check that dns_rdata_fromtext() produces a record that will be accepted by dns_rdata_fromwire(). [GL #852] 5203. [bug] Enforce whether key rdata exists or not in KEY, DNSKEY, CDNSKEY and RKEY. [GL #899] 5202. [bug] <dns/ecs.h> was missing ISC_LANG_ENDDECLS. [GL #976] 5190. [bug] Ignore trust anchors using disabled algorithms. [GL #806]
Revision 1.3 / (download) - annotate - [select for diffs], Tue May 7 06:56:23 2019 UTC (4 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
bind914: Fix version in COMMENT
Revision 1.2 / (download) - annotate - [select for diffs], Thu May 2 13:29:53 2019 UTC (4 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.1: +2 -1
lines
Diff to previous 1.1 (colored)
net/bind914: fix an error when reloading configuration Fix an error when reloading configuration. There is on more check to "directory" in option statement is writable. Bump PKGREVISION.
Revision 1.1 / (download) - annotate - [select for diffs], Tue Apr 30 03:34:34 2019 UTC (4 years, 5 months ago) by taca
Branch: MAIN
net/bind914: add version 9.14.1
Add bind914 version 9.14.1 package (BIND 9.14.1).
pkgsrc chagnes:
* Add blacklist support from NetBSD base system.
* Note about required directories.
BIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.14 release.
* A new "plugin" mechanism has been added to allow query functionality
to be extended using dynamically loadable libraries. The "filter-aaaa"
feature has been removed from named and is now implemented as a
plugin.
* QNAME minimization, as described in RFC 7816, is now supported.
* Socket and task code has been refactored to improve performance on
most modern machines.
* "Root key sentinel" support, enabling validating resolvers to indicate
via a special query which trust anchors are configured for the root
zone.
* Secondary zones can now be configured as "mirror" zones; their
contents are transferred in as with traditional slave zones, but are
subject to DNSSEC validation and are not treated as authoritative data
when answering. This makes it easier to configure a local copy of the
root zone as described in RFC 7706.
* The "validate-except" option allows configuration of domains below
which DNSSEC validation should not be performed.
* The default value of "dnssec-validation" is now "auto".
* IDNA2008 is now supported when linking with libidn2.
* "named -V" now outputs the default paths for files used by named and
other tools.