head	1.10;
access;
symbols
	RELENG_8_4:1.10.0.2
	RELENG_9_1_0_RELEASE:1.7.2.2
	RELENG_9_1:1.7.2.2.0.2
	RELENG_9_1_BP:1.7.2.2
	RELENG_8_3_0_RELEASE:1.4.2.2
	RELENG_8_3:1.4.2.2.0.2
	RELENG_8_3_BP:1.4.2.2
	RELENG_9_0_0_RELEASE:1.7
	RELENG_9_0:1.7.0.4
	RELENG_9_0_BP:1.7
	RELENG_9:1.7.0.2
	RELENG_9_BP:1.7
	RELENG_7_4_0_RELEASE:1.1.1.5.2.3
	RELENG_8_2_0_RELEASE:1.4
	RELENG_7_4:1.1.1.5.2.3.0.2
	RELENG_7_4_BP:1.1.1.5.2.3
	RELENG_8_2:1.4.0.8
	RELENG_8_2_BP:1.4
	RELENG_8_1_0_RELEASE:1.4
	RELENG_8_1:1.4.0.6
	RELENG_8_1_BP:1.4
	RELENG_7_3_0_RELEASE:1.1.1.5.2.2.4.1
	RELENG_7_3:1.1.1.5.2.2.0.4
	RELENG_7_3_BP:1.1.1.5.2.2
	RELENG_8_0_0_RELEASE:1.4
	RELENG_8_0:1.4.0.4
	RELENG_8_0_BP:1.4
	RELENG_8:1.4.0.2
	RELENG_8_BP:1.4
	RELENG_7_2_0_RELEASE:1.1.1.5.2.2
	RELENG_7_2:1.1.1.5.2.2.0.2
	RELENG_7_2_BP:1.1.1.5.2.2
	RELENG_7_1_0_RELEASE:1.1.1.5.2.1
	RELENG_6_4_0_RELEASE:1.1.1.2.2.3
	RELENG_7_1:1.1.1.5.2.1.0.4
	RELENG_7_1_BP:1.1.1.5.2.1
	RELENG_6_4:1.1.1.2.2.3.0.2
	RELENG_6_4_BP:1.1.1.2.2.3
	RELENG_7_0_0_RELEASE:1.1.1.5.2.1
	RELENG_6_3_0_RELEASE:1.1.1.2.2.2
	RELENG_7_0:1.1.1.5.2.1.0.2
	RELENG_7_0_BP:1.1.1.5.2.1
	BIND_9_4_2:1.1.1.6
	RELENG_6_3:1.1.1.2.2.2.0.2
	RELENG_6_3_BP:1.1.1.2.2.2
	RELENG_7:1.1.1.5.0.2
	RELENG_7_BP:1.1.1.5
	BIND_9_4_1_P1:1.1.1.5
	BIND_9_4_1:1.1.1.5
	BIND_9_3_4:1.1.1.4
	RELENG_6_2_0_RELEASE:1.1.1.2.2.1.4.1
	BIND_9_3_3:1.1.1.4
	RELENG_6_2:1.1.1.2.2.1.0.4
	RELENG_6_2_BP:1.1.1.2.2.1
	RELENG_5_5_0_RELEASE:1.1.1.1.2.3
	RELENG_5_5:1.1.1.1.2.3.0.2
	RELENG_5_5_BP:1.1.1.1.2.3
	RELENG_6_1_0_RELEASE:1.1.1.2.2.1
	RELENG_6_1:1.1.1.2.2.1.0.2
	RELENG_6_1_BP:1.1.1.2.2.1
	BIND_9_3_2:1.1.1.3
	RELENG_6_0_0_RELEASE:1.1.1.2
	RELENG_6_0:1.1.1.2.0.4
	RELENG_6_0_BP:1.1.1.2
	RELENG_6:1.1.1.2.0.2
	RELENG_6_BP:1.1.1.2
	RELENG_5_4_0_RELEASE:1.1.1.1.2.2
	RELENG_5_4:1.1.1.1.2.2.0.2
	RELENG_5_4_BP:1.1.1.1.2.2
	BIND_9_3_1:1.1.1.2
	RELENG_5_3_0_RELEASE:1.1.1.1.2.1
	RELENG_5_3:1.1.1.1.2.1.0.2
	RELENG_5_3_BP:1.1.1.1.2.1
	RELENG_5:1.1.1.1.0.2
	BIND_9_3_0:1.1.1.1
	BIND_9_3_0_RC4:1.1.1.1
	ISC:1.1.1;
locks; strict;
comment	@# @;


1.10
date	2012.12.07.12.43.13;	author svnexp;	state Exp;
branches
	1.10.2.1;
next	1.9;

1.9
date	2012.05.28.19.47.56;	author dougb;	state Exp;
branches;
next	1.8;

1.8
date	2012.04.05.04.29.35;	author dougb;	state Exp;
branches;
next	1.7;

1.7
date	2011.09.03.07.13.45;	author dougb;	state Exp;
branches
	1.7.2.1;
next	1.6;

1.6
date	2011.07.16.11.12.09;	author dougb;	state Exp;
branches;
next	1.5;

1.5
date	2011.02.06.22.46.07;	author dougb;	state Exp;
branches;
next	1.4;

1.4
date	2009.06.25.19.16.29;	author dougb;	state Exp;
branches
	1.4.2.1;
next	1.3;

1.3
date	2009.05.31.05.42.58;	author dougb;	state Exp;
branches;
next	1.2;

1.2
date	2008.12.23.22.47.56;	author dougb;	state Exp;
branches;
next	1.1;

1.1
date	2004.09.19.01.30.17;	author trhodes;	state Exp;
branches
	1.1.1.1;
next	;

1.10.2.1
date	2012.12.07.12.43.13;	author svnexp;	state dead;
branches;
next	1.10.2.2;

1.10.2.2
date	2013.03.28.13.00.21;	author svnexp;	state Exp;
branches;
next	;

1.7.2.1
date	2012.04.08.01.43.41;	author dougb;	state Exp;
branches;
next	1.7.2.2;

1.7.2.2
date	2012.06.01.03.46.28;	author dougb;	state Exp;
branches;
next	1.7.2.3;

1.7.2.3
date	2013.01.08.10.02.28;	author svnexp;	state Exp;
branches;
next	1.7.2.4;

1.7.2.4
date	2013.08.16.08.01.50;	author svnexp;	state Exp;
branches;
next	1.7.2.5;

1.7.2.5
date	2013.08.26.08.01.49;	author svnexp;	state Exp;
branches;
next	1.7.2.6;

1.7.2.6
date	2014.03.03.10.08.04;	author svnexp;	state Exp;
branches;
next	;

1.4.2.1
date	2011.02.05.19.13.34;	author dougb;	state Exp;
branches;
next	1.4.2.2;

1.4.2.2
date	2011.08.02.08.07.59;	author dougb;	state Exp;
branches;
next	1.4.2.3;

1.4.2.3
date	2012.04.05.04.31.17;	author dougb;	state Exp;
branches;
next	1.4.2.4;

1.4.2.4
date	2013.01.04.14.22.20;	author svnexp;	state Exp;
branches;
next	1.4.2.5;

1.4.2.5
date	2013.02.11.12.33.25;	author svnexp;	state Exp;
branches;
next	1.4.2.6;

1.4.2.6
date	2014.03.03.10.23.39;	author svnexp;	state Exp;
branches;
next	;

1.1.1.1
date	2004.09.19.01.30.17;	author trhodes;	state Exp;
branches
	1.1.1.1.2.1;
next	1.1.1.2;

1.1.1.2
date	2005.03.17.08.03.32;	author dougb;	state Exp;
branches
	1.1.1.2.2.1;
next	1.1.1.3;

1.1.1.3
date	2005.12.29.04.22.41;	author dougb;	state Exp;
branches;
next	1.1.1.4;

1.1.1.4
date	2006.12.10.07.09.01;	author dougb;	state Exp;
branches;
next	1.1.1.5;

1.1.1.5
date	2007.06.02.23.21.35;	author dougb;	state Exp;
branches
	1.1.1.5.2.1;
next	1.1.1.6;

1.1.1.6
date	2007.12.02.19.10.22;	author dougb;	state Exp;
branches;
next	;

1.1.1.1.2.1
date	2004.09.26.03.09.50;	author des;	state Exp;
branches;
next	1.1.1.1.2.2;

1.1.1.1.2.2
date	2005.03.23.18.16.28;	author dougb;	state Exp;
branches;
next	1.1.1.1.2.3;

1.1.1.1.2.3
date	2006.01.14.10.42.07;	author dougb;	state Exp;
branches;
next	1.1.1.1.2.4;

1.1.1.1.2.4
date	2006.12.13.09.57.07;	author dougb;	state Exp;
branches;
next	;

1.1.1.2.2.1
date	2006.01.14.10.13.44;	author dougb;	state Exp;
branches
	1.1.1.2.2.1.4.1;
next	1.1.1.2.2.2;

1.1.1.2.2.2
date	2006.12.13.09.46.56;	author dougb;	state Exp;
branches;
next	1.1.1.2.2.3;

1.1.1.2.2.3
date	2008.06.03.05.38.10;	author dougb;	state Exp;
branches;
next	1.1.1.2.2.4;

1.1.1.2.2.4
date	2009.01.10.04.30.27;	author dougb;	state Exp;
branches;
next	;

1.1.1.2.2.1.4.1
date	2006.12.13.09.52.23;	author dougb;	state Exp;
branches;
next	;

1.1.1.5.2.1
date	2007.12.07.08.31.14;	author dougb;	state Exp;
branches;
next	1.1.1.5.2.2;

1.1.1.5.2.2
date	2009.01.10.03.00.21;	author dougb;	state Exp;
branches
	1.1.1.5.2.2.4.1;
next	1.1.1.5.2.3;

1.1.1.5.2.3
date	2010.02.16.05.14.51;	author dougb;	state Exp;
branches;
next	;

1.1.1.5.2.2.4.1
date	2010.02.16.18.10.35;	author dougb;	state Exp;
branches;
next	;


desc
@@


1.10
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243981
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@# LIBINTERFACE ranges
# 9.6: 50-59, 110-119
# 9.7: 60-79
# 9.8: 80-89
# 9.9: 90-109
LIBINTERFACE = 80
LIBREVISION = 7
LIBAGE = 0
@


1.10.2.1
log
@file api was added on branch RELENG_8_4 on 2013-03-28 13:00:21 +0000
@
text
@d1 8
@


1.10.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 8
# LIBINTERFACE ranges
# 9.6: 50-59, 110-119
# 9.7: 60-79
# 9.8: 80-89
# 9.9: 90-109
LIBINTERFACE = 80
LIBREVISION = 7
LIBAGE = 0
@


1.9
log
@SVN rev 236196 on 2012-05-28 19:47:56Z by dougb

Upgrade to BIND version 9.8.3, the latest from ISC.

Feature Change

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)

Bug Fix

*  The locking strategy around the handling of iterative queries
   has been tuned to reduce unnecessary contention in a multi-
   threaded environment.

Other critical bug fixes are included.

All BIND users are encouraged to upgrade.
@
text
@d7 1
a7 1
LIBREVISION = 5
@


1.8
log
@SVN rev 233914 on 2012-04-05 04:29:35Z by dougb

Update to version 9.8.2, the latest from ISC, which contains numerous bug fixes.
@
text
@d7 1
a7 1
LIBREVISION = 4
@


1.7
log
@SVN rev 225361 on 2011-09-03 07:13:45Z by dougb

Upgrade to BIND version 9.8.1. Release notes at:

https://deepthought.isc.org/article/AA-00446/81/
or
/usr/src/contrib/bind9/

Approved by:	re (kib)
@
text
@d1 5
d7 1
a7 1
LIBREVISION = 3
@


1.7.2.1
log
@SVN rev 234010 on 2012-04-08 01:43:41Z by dougb

MFC r233909:

Add Bv9ARM.pdf to the list of docs to install.

MFV/MFC r233914:

Update to version 9.8.2, the latest from ISC, which contains numerous bug fixes.
@
text
@a0 5
# LIBINTERFACE ranges
# 9.6: 50-59, 110-119
# 9.7: 60-79
# 9.8: 80-89
# 9.9: 90-109
d2 1
a2 1
LIBREVISION = 4
@


1.7.2.2
log
@SVN rev 236374 on 2012-06-01 03:46:28Z by dougb

MFV r236171, MFC r236196:

Upgrade to BIND version 9.8.3, the latest from ISC.

Feature Change

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)

Bug Fix

*  The locking strategy around the handling of iterative queries
   has been tuned to reduce unnecessary contention in a multi-
   threaded environment.

Other critical bug fixes are included.

All BIND users are encouraged to upgrade.
@
text
@d7 1
a7 1
LIBREVISION = 5
@


1.7.2.3
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/245163
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r245163 | erwin | 2013-01-08 09:05:09 +0000 (Tue, 08 Jan 2013) | 21 lines
## SVN ##
## SVN ## MFC r243981,243987:
## SVN ##
## SVN ##   Update to 9.8.4-P1.
## SVN ##
## SVN ##   New Features
## SVN ##
## SVN ##   *  Elliptic Curve Digital Signature Algorithm keys and signatures in
## SVN ##      DNSSEC are now supported per RFC 6605. [RT #21918]
## SVN ##
## SVN ##   Feature Changes
## SVN ##
## SVN ##   *  Improves OpenSSL error logging [RT #29932]
## SVN ##
## SVN ##   *  nslookup now returns a nonzero exit code when it is unable to get
## SVN ##      an answer.  [RT #29492]
## SVN ##
## SVN ##   Other critical bug fixes are included.
## SVN ##
## SVN ##   Approved by:  delphij (mentor)
## SVN ##   Sponsored by: DK Hostmaster A/S
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d7 1
a7 1
LIBREVISION = 7
@


1.7.2.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254402
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d4 1
a4 1
# 9.8: 80-89, 120-129
a5 1
# 9.9-sub: 130-139
d7 1
a7 1
LIBREVISION = 8
@


1.7.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254897
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d7 2
a8 2
LIBINTERFACE = 90
LIBREVISION = 7
@


1.7.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/262706
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d8 1
a8 1
LIBREVISION = 9
@


1.6
log
@SVN rev 224092 on 2011-07-16 11:12:09Z by dougb

Upgrade to version 9.8.0-P4

This version has many new features, see /usr/share/doc/bind9/README
for details.
@
text
@d2 1
a2 1
LIBREVISION = 1
@


1.5
log
@SVN rev 218384 on 2011-02-06 22:46:07Z by dougb

Update to BIND 9.6.3, the latest from ISC on the 9.6 branch.

All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:

https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record

In addition the fixes for this and other bugs, there are also the
following:

  * Various fixes to kerberos support, including GSS-TSIG
  * Various fixes to avoid leaking memory, and to problems that could
    prevent a clean shutdown of named
@
text
@d1 2
a2 2
LIBINTERFACE = 50
LIBREVISION = 4
@


1.4
log
@SVN rev 194995 on 2009-06-25 19:16:29Z by dougb

Update to the final release version of BIND 9.6.1. It has the following
changes from the 9.6.1rc1 version. The first 2 only affect DNSSEC.

          named could incorrectly delete NSEC3 records for
          empty nodes when processing a update request.

          Accept DS responses from delegation only zones.

          "delegation-only" was not being accepted in
          delegation-only type zones.
@
text
@d2 1
a2 1
LIBREVISION = 3
@


1.4.2.1
log
@SVN rev 218334 on 2011-02-05 19:13:34Z by dougb

Update to BIND 9.6.3, the latest from ISC on the 9.6 branch.

All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:

https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record

In addition the fixes for this and other bugs, there are also the
following:

  * Various fixes to kerberos support, including GSS-TSIG
  * Various fixes to avoid leaking memory, and to problems that could
    prevent a clean shutdown of named
@
text
@d2 1
a2 1
LIBREVISION = 4
@


1.4.2.2
log
@SVN rev 224596 on 2011-08-02 08:07:59Z by dougb

Update to version 9.6-ESV-R5 which contains various bug fixes
and improvements:

ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
@
text
@d2 1
a2 1
LIBREVISION = 5
@


1.4.2.3
log
@SVN rev 233915 on 2012-04-05 04:31:17Z by dougb

Update to version 9.6-ESV-R6, the latest from ISC, which contains numerous
bug fixes.
@
text
@a0 5
# LIBINTERFACE ranges
# 9.6: 50-59, 110-119
# 9.7: 60-79
# 9.8: 80-89
# 9.9: 90-109
d2 1
a2 1
LIBREVISION = 7
@


1.4.2.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/245039
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r245039 | erwin | 2013-01-04 13:36:31 +0000 (Fri, 04 Jan 2013) | 7 lines
## SVN ##
## SVN ## Update to 9.6-ESV-R8.
## SVN ##
## SVN ## All security fixes were previously merged.
## SVN ## Release notes: https://kb.isc.org/article/AA-00795
## SVN ##
## SVN ## Approved by:	delphij (mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d7 1
a7 1
LIBREVISION = 9
@


1.4.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246656
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d6 2
a7 2
LIBINTERFACE = 80
LIBREVISION = 7
@


1.4.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/262707
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d4 1
a4 1
# 9.8: 80-89, 120-129
a5 1
# 9.9-sub: 130-139
d7 1
a7 1
LIBREVISION = 9
@


1.3
log
@SVN rev 193149 on 2009-05-31 05:42:58Z by dougb

Update BIND to version 9.6.1rc1. This version has better performance and
lots of new features compared to 9.4.x, including:

	Full NSEC3 support
	Automatic zone re-signing
	New update-policy methods tcp-self and 6to4-self
	DHCID support.
	More detailed statistics counters including those supported in BIND 8.
	Faster ACL processing.
	Efficient LRU cache-cleaning mechanism.
	NSID support.
@
text
@d2 1
a2 1
LIBREVISION = 2
@


1.2
log
@SVN rev 186462 on 2008-12-23 22:47:56Z by dougb

Merge from vendor/bind9/dist as of the 9.4.3 import
@
text
@d1 3
a3 3
LIBINTERFACE = 31
LIBREVISION = 1
LIBAGE = 1
@


1.1
log
@Initial revision
@
text
@d1 3
a3 3
LIBINTERFACE = 0
LIBREVISION = 4
LIBAGE = 0
@


1.1.1.1
log
@Vender import of BIND 9.3.0rc4.
@
text
@@


1.1.1.2
log
@Vendor import of BIND 9.3.1
@
text
@d2 1
a2 1
LIBREVISION = 5
@


1.1.1.2.2.1
log
@MFC import of BIND 9.3.2
@
text
@d2 1
a2 1
LIBREVISION = 7
@


1.1.1.2.2.1.4.1
log
@MFC upgrade to version 9.3.3

Approved by:    re (kensmith)
@
text
@d2 1
a2 1
LIBREVISION = 8
@


1.1.1.2.2.2
log
@MFC upgrade to version 9.3.3

Approved by:	re (kensmith)
@
text
@d2 1
a2 1
LIBREVISION = 8
@


1.1.1.2.2.3
log
@SVN rev 179502 on 2008-06-03 05:38:10Z by dougb

Update to version 9.3.5. It contains the latest bug fixes, updates
to root server addresses, and a fix for the vulnerability mentioned
here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122

Users of BIND 9.3.x are strongly encouraged to upgrade to this
version. Also, the 9.3.x branch is now in maintenance-only mode.
Users are encouraged to investigate BIND 9.4.x or perhaps 9.5.x.

http://www.isc.org/index.pl?/sw/bind/versions_and_support.php

This udpate is being done by updating the files directly in this
branch rather than an import + MFC because BIND in HEAD is 9.4.x.
@
text
@d2 1
a2 1
LIBREVISION = 10
@


1.1.1.2.2.4
log
@SVN rev 186999 on 2009-01-10 04:30:27Z by dougb

Merge from vendor/bind9/dist-9.3 as of the 9.3.6-P1 import
@
text
@d2 1
a2 1
LIBREVISION = 11
@


1.1.1.3
log
@Vendor import of BIND 9.3.2
@
text
@d2 1
a2 1
LIBREVISION = 7
@


1.1.1.4
log
@Vendor import of BIND 9.3.3
@
text
@d2 1
a2 1
LIBREVISION = 8
@


1.1.1.5
log
@Vendor import of BIND 9.4.1
@
text
@d1 2
a2 2
LIBINTERFACE = 30
LIBREVISION = 3
@


1.1.1.5.2.1
log
@MFC contrib code and bmake changes for BIND version 9.4.2

Approved by:	re (kensmith)
@
text
@d1 3
a3 3
LIBINTERFACE = 31
LIBREVISION = 0
LIBAGE = 1
@


1.1.1.5.2.2
log
@SVN rev 186996 on 2009-01-10 03:00:21Z by dougb

MFC the BIND 9.4.3 and 9.4.3-P1 updates
@
text
@d2 1
a2 1
LIBREVISION = 1
@


1.1.1.5.2.2.4.1
log
@SVN rev 203961 on 2010-02-16 18:10:35Z by dougb

Merge from stable/7, version 203948:

Upgrade to BIND 9.4-ESV. This version incorporates all bug and security
fixes since the release of 9.4.3, including the most recent -P5 security
fix detailed below.

From the README:
BIND 9.4-ESV will be supported until December 31, 2010, at
which time you will need to upgrade to the current release
of BIND.

This versions address the following vulnerabilities:

BIND 9 Cache Update from Additional Section
https://www.isc.org/advisories/CVE-2009-4022v6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
A nameserver with DNSSEC validation enabled may incorrectly add
unauthenticated records to its cache that are received during the
resolution of a recursive client query

BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
There was an error in the DNSSEC NSEC/NSEC3 validation code that could
cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
proven by NSEC or NSEC3 to exist) to be cached as if they had validated
correctly

These issues only affect systems with DNSSEC validation enabled.

Approved by:	re (kensmith)
@
text
@d2 1
a2 1
LIBREVISION = 2
@


1.1.1.5.2.3
log
@SVN rev 203948 on 2010-02-16 05:14:51Z by dougb

Upgrade to BIND 9.4-ESV. This version incorporates all bug and security
fixes since the release of 9.4.3, including the most recent -P5 security
fix detailed below.

From the README:
BIND 9.4-ESV will be supported until December 31, 2010, at
which time you will need to upgrade to the current release
of BIND.

This versions address the following vulnerabilities:

BIND 9 Cache Update from Additional Section
https://www.isc.org/advisories/CVE-2009-4022v6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
A nameserver with DNSSEC validation enabled may incorrectly add
unauthenticated records to its cache that are received during the
resolution of a recursive client query

BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
There was an error in the DNSSEC NSEC/NSEC3 validation code that could
cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
proven by NSEC or NSEC3 to exist) to be cached as if they had validated
correctly

These issues only affect systems with DNSSEC validation enabled.

Approved by:	re (kensmith)
@
text
@d2 1
a2 1
LIBREVISION = 2
@


1.1.1.6
log
@Vendor import of BIND 9.4.2
@
text
@d1 3
a3 3
LIBINTERFACE = 31
LIBREVISION = 0
LIBAGE = 1
@


1.1.1.1.2.1
log
@MFC: BIND 9 and related bits.

Approved by:	re
@
text
@@


1.1.1.1.2.2
log
@MFC BIND 9.3.1 and related bmake updates

Approved by:	re (kensmith)
@
text
@d2 1
a2 1
LIBREVISION = 5
@


1.1.1.1.2.3
log
@MFC import of BIND 9.3.2
@
text
@d2 1
a2 1
LIBREVISION = 7
@


1.1.1.1.2.4
log
@MFC upgrade to version 9.3.3
@
text
@d2 1
a2 1
LIBREVISION = 8
@


