| Age | Commit message (Collapse) | Author |
|---|
|
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
|
|
The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
|
|
supports them. This is determined by running ``configure --help'' in
do-configure target and set the shell variable _LATE_CONFIGURE_ARGS
which is then passed to CONFIGURE_ARGS.
- Remove --mandir and --infodir in ports' Makefile where applicable
Few ports use REINPLACE_CMD to achieve the same effect, remove them too.
- Correct some manual pages location from PREFIX/man to MANPREFIX/man
- Define INFO_PATH where necessary
- Document that .info files are installed in a subdirectory relative to
PREFIX/INFO_PATH and slightly change add-plist-info to use INFO_PATH and
subdirectory detection.
PR: ports/111470
Approved by: portmgr
Discussed with: stas (Mk/*), gerald (info related stuffs)
Tested by: pointyhat exp run
|
|
|
|
No objection from: ports@, maintainers
Approved by: portmgr (pav)
|
|
Approved by: maintainer implicit
|
|
|
|
edit and write RFC1033 style DNS Zones.
PR: ports/114271
Submitted by: Chris St Denis (<chris at ctgameinfo.com>)
|
|
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409
... as well as rudimentary support for IPSECKEY.
See /usr/local/share/doc/p5-Net-DNS/Changes for more details.
Prodded by: Several, including ...
PR: ports/114230
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp>
|
|
Reported by: pointhat (logs)
|
|
Changes: http://search.cpan.org/src/NEELY/Data-Validate-Domain-0.08/Changes
|
|
- maradns.sh and zoneserver.sh now use PID file
- change default MaraDNS UID from 99 to bind(53)
- change default maraDNS GID from 99 to bind(53)
- change default duende logger process UID from 66 to nobody(65534)
- create empty etc/logger directory
PR: ports/113235
Submitted by: Simun Mikecin <numisemis@yahoo.com>
Approved by: Alex Kapranoff <alex@kapranoff.ru> (maintainer)
|
|
Approved by: maintainer timeout (security, 1 day), so (simon)
Security: http://www.vuxml.org/freebsd/70ae62b0-16b0-11dc-b803-0016179b2dd5.html
|
|
|
|
|
|
Hat: portmgr
|
|
Submitted by: pointhat via kris
Sten Spans <sten@blinkenlights.nl> (maintainer)
|
|
Supports adding, removing, and modifying enteries.
The attributes it can handle are TTL, A record, C name, AAAA
record, and MX record. Outside of TTL, multiple attributes
for each type record.
WWW: http://vvelox.net/projects/ldnsm/
PR: ports/112191
Submitted by: Zane C. Bowers
|
|
|
|
|
|
PR: 111915
Submitted by: Sten Spans <sten@blinkenlights.nl> (maintainer)
|
|
PR: 112768
Submitted by: Alex Kapranoff <alex@kapranoff.ru> (maintainer)
|
|
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}.
|
|
|
|
cap is a network capture utility designed specifically for DNS
traffic. It produces binary data in pcap(3) format, either on
standard output (by default) or in successive dump files (if the d
command line option is given.) This utility is similar to tcpdump(1),
but has finer grained packet recognition tailored to DNS transactions
and protocol options. dnscap is expected to be used for gathering
continuous research or audit traces.
SYNOPSIS
dnscap [-avf6] [-i if ...] [-l vlan ...] [-p port] [-m [quire]] [-h [ir]]
[-q host ...] [-r host ...] [-d base [-k cmd]] [-t lim] [-c lim]
WWW: http://public.oarci.net/tools/dnscap
|
|
Approved by: maintainer implicit
|
|
2172. [bug] query_addsoa() was being called with a non zone db.
[RT #16834]
If you are running BIND 9.4.0 (either pre-release or final),
you are advised to upgrade as soon as possible to BIND 9.4.1.
|
|
|
|
Submitted by: Pietro Celentano <pcelentano@tiscalinet.it>
|
|
- Add patch from SVN to support DNSSEC records
- Update examples (config and table creation files)
- For the complete changelog see http://doc.powerdns.com/changelog.html
PR: ports/112055
Submitted by: maintainer (Ralf van der Enden)
Reviewed by: maintainer
|
|
PR: 112080
Submitted by: miwi
|
|
- Update WWW
|
|
PR: 111765
Submitted by: Volker Theile<votdev@gmx.de>
Approved by: maintainer
|
|
PR: 111733
Submitted by: Olafur Osvaldsson <oli@isnic.is> (maintainer)
|
|
PR: ports/111360
Submitted by: novel
|
|
|
|
Bump PORTREVISION.
|
|
Approved by: garga (mentor)
|
|
is coming.
|
|
Suggested by: skv
|
|
PR: ports/110568
Submitted by: Ed Schouten <ed@fxq.nl> (maintainer)
- While here, modernize USE_RC_SUBR and kill FreeBSD 4.X bits
|
|
PR: ports/105529
Submitted by: laszlof
|
|
PR: ports/110546
Submitted by: Anish Mistry <amistry@am-productions.biz>
Approved by: Ralf van der Enden <Ralf.vdEnden@wldelft.nl> (maintainer)
|
|
PR: 110671
Submitted by: Olafur Osvaldsson <oli@isnic.is> (maintainer)
|
|
PR: ports/109963
Submitted by: clsung
Approved by: maintainer (Jin-Shan Tseng)
|
|
PR: 109873
Submitted by: miwi
Approved by: maintainer
|
|
Hat: portmgr
|
|
contains a bugfix for recovering from permanently lost database connections
- Fix build on gcc 4.x
PR: ports/109273
Submitted by: Ralf van der Enden <tremere at cainites.net> (maintainer)
|
|
- Update pkg-descr
PR: ports/109297
Submitted by: David Sze <dsze@alumni.uwaterloo.ca>
Approved by: Jason DiCioccio <jd@ods.org> (maintainer),
erwin (mentor, implicit)
|
|
PR: 109533
Submitted by: Kay Abendroth <kay.abendroth@raxion.net> (maintainer)
|
