]> CyberLeo.Net >> Repos - FreeBSD/stable/8.git/commit
projects / FreeBSD / stable / 8.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cfd0167) | patch
MFC 202961:
authordougb <dougb@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Sun, 7 Feb 2010 20:28:24 +0000 (20:28 +0000)
committerdougb <dougb@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Sun, 7 Feb 2010 20:28:24 +0000 (20:28 +0000)
commit254e69d21c7837efa52d4e35aa044a650a629cb1
treefc27f345a6a3a8f79c7c47f79fb0750e698d8a73tree | snapshot
parentcfd0167c9ceeda4cc78ba408877df9bbac5bded4commit | diff
MFC 202961:

Upgrade to BIND 9.6.1-P3.

This version address the following vulnerabilities:

BIND 9 Cache Update from Additional Section
https://www.isc.org/advisories/CVE-2009-4022v6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
A nameserver with DNSSEC validation enabled may incorrectly add
unauthenticated records to its cache that are received during the
resolution of a recursive client query

BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
There was an error in the DNSSEC NSEC/NSEC3 validation code that could
cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
proven by NSEC or NSEC3 to exist) to be cached as if they had validated
correctly

These issues only affect systems with DNSSEC validation enabled.

git-svn-id: svn://svn.freebsd.org/base/stable/8@203635 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
39 files changed:
contrib/bind9/CHANGES diff | blob | history
contrib/bind9/FAQ diff | blob | history
contrib/bind9/FAQ.xml diff | blob | history
contrib/bind9/bin/dnssec/dnssec-signzone.8 diff | blob | history
contrib/bind9/bin/dnssec/dnssec-signzone.html diff | blob | history
contrib/bind9/bin/named/query.c diff | blob | history
contrib/bind9/doc/arm/Bv9ARM.pdf diff | blob | history
contrib/bind9/doc/arm/man.dnssec-signzone.html diff | blob | history
contrib/bind9/doc/arm/man.named-checkconf.html diff | blob | history
contrib/bind9/doc/arm/man.named-checkzone.html diff | blob | history
contrib/bind9/doc/arm/man.named.html diff | blob | history
contrib/bind9/doc/arm/man.nsupdate.html diff | blob | history
contrib/bind9/doc/arm/man.rndc-confgen.html diff | blob | history
contrib/bind9/doc/arm/man.rndc.conf.html diff | blob | history
contrib/bind9/doc/arm/man.rndc.html diff | blob | history
contrib/bind9/lib/dns/include/dns/db.h diff | blob | history
contrib/bind9/lib/dns/include/dns/ncache.h diff | blob | history
contrib/bind9/lib/dns/include/dns/types.h diff | blob | history
contrib/bind9/lib/dns/rbtdb.c diff | blob | history
contrib/bind9/lib/dns/resolver.c diff | blob | history
contrib/bind9/lib/dns/validator.c diff | blob | history
contrib/bind9/lib/lwres/man/lwres.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_buffer.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_config.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_context.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_gabn.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_gai_strerror.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_gethostent.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_getipnode.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_getnameinfo.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_gnba.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_hstrerror.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_inetntop.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_noop.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_packet.html diff | blob | history
contrib/bind9/lib/lwres/man/lwres_resutil.html diff | blob | history
contrib/bind9/version diff | blob | history
8-STABLE