diff options
| -rw-r--r-- | dns/bind96/Makefile | 4 | ||||
| -rw-r--r-- | dns/bind96/distinfo | 8 | ||||
| -rw-r--r-- | dns/bind97/Makefile | 4 | ||||
| -rw-r--r-- | dns/bind97/distinfo | 8 | ||||
| -rw-r--r-- | dns/bind98/Makefile | 4 | ||||
| -rw-r--r-- | dns/bind98/distinfo | 8 | ||||
| -rw-r--r-- | dns/bind99/Makefile | 4 | ||||
| -rw-r--r-- | dns/bind99/distinfo | 8 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 51 |
9 files changed, 75 insertions, 24 deletions
diff --git a/dns/bind96/Makefile b/dns/bind96/Makefile index ad80ddafbe79..13a45e0ab9b0 100644 --- a/dns/bind96/Makefile +++ b/dns/bind96/Makefile @@ -12,7 +12,7 @@ # release you can generally build it cleanly from the source - Doug PORTNAME= bind96 -PORTVERSION= 9.6.3.1.ESV.R7 +PORTVERSION= 9.6.3.1.ESV.R7.1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ http://dougbarton.us/Downloads/%SUBDIR%/ @@ -25,7 +25,7 @@ MAINTAINER= dougb@FreeBSD.org COMMENT= The BIND DNS suite with updated DNSSEC and threads # ISC releases things like 9.4.0b3, which our versioning doesn't like -ISCVERSION= 9.6-ESV-R7 +ISCVERSION= 9.6-ESV-R7-P1 MAKE_JOBS_UNSAFE= yes diff --git a/dns/bind96/distinfo b/dns/bind96/distinfo index 7a0fe7918fbd..24155b5d329a 100644 --- a/dns/bind96/distinfo +++ b/dns/bind96/distinfo @@ -1,4 +1,4 @@ -SHA256 (bind-9.6-ESV-R7.tar.gz) = 887043bc74f496fe3402c7b8b3001aa42ffbe34e35d061b9d8a2ee1021b9ac39 -SIZE (bind-9.6-ESV-R7.tar.gz) = 6286390 -SHA256 (bind-9.6-ESV-R7.tar.gz.asc) = c386d41720d24d2f277ffcd76b840b78ed99764895f57984884ac1e4dca5f0dc -SIZE (bind-9.6-ESV-R7.tar.gz.asc) = 490 +SHA256 (bind-9.6-ESV-R7-P1.tar.gz) = 4f3ad2ddc03ca09b72b3f267ba1164ec522b10f066e348f1c24ac2616a8c6d16 +SIZE (bind-9.6-ESV-R7-P1.tar.gz) = 6415389 +SHA256 (bind-9.6-ESV-R7-P1.tar.gz.asc) = e169e7fa9adf08f0d386cc8fbc41e1334199e5e7fc44c25d8d567cd13b6f1f0f +SIZE (bind-9.6-ESV-R7-P1.tar.gz.asc) = 481 diff --git a/dns/bind97/Makefile b/dns/bind97/Makefile index 7479971c3915..a6d3989e88e1 100644 --- a/dns/bind97/Makefile +++ b/dns/bind97/Makefile @@ -6,7 +6,7 @@ # PORTNAME?= bind97 -PORTVERSION= 9.7.6 +PORTVERSION= 9.7.6.1 PORTREVISION?= 0 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ @@ -20,7 +20,7 @@ MAINTAINER= dougb@FreeBSD.org COMMENT?= The BIND DNS suite with updated DNSSEC and threads # ISC releases things like 9.4.0b3, which our versioning doesn't like -ISCVERSION= 9.7.6 +ISCVERSION= 9.7.6-P1 MAKE_JOBS_UNSAFE= yes diff --git a/dns/bind97/distinfo b/dns/bind97/distinfo index 88e0c6b304e0..4c22c523fa5f 100644 --- a/dns/bind97/distinfo +++ b/dns/bind97/distinfo @@ -1,4 +1,4 @@ -SHA256 (bind-9.7.6.tar.gz) = 9294610d63c376bd62e5a303e1035f3a95067b60271a67f98841fe56e58045f8 -SIZE (bind-9.7.6.tar.gz) = 6846451 -SHA256 (bind-9.7.6.tar.gz.asc) = f503a6efc2f487a16a9e317ae0f38e89dc886de45b69625b646985dc7452017d -SIZE (bind-9.7.6.tar.gz.asc) = 490 +SHA256 (bind-9.7.6-P1.tar.gz) = 33703cc68d94e6a639fe95f24bcbedf9b088123bae9ef357f0668d78dd60e7f6 +SIZE (bind-9.7.6-P1.tar.gz) = 6978457 +SHA256 (bind-9.7.6-P1.tar.gz.asc) = 02f5d7cbec706fd22a1168c88d19cf318f932f45302b48dbc6aa91c0c96b4098 +SIZE (bind-9.7.6-P1.tar.gz.asc) = 481 diff --git a/dns/bind98/Makefile b/dns/bind98/Makefile index 381b15b6a99b..deda9e7a723e 100644 --- a/dns/bind98/Makefile +++ b/dns/bind98/Makefile @@ -12,7 +12,7 @@ # release you can generally build it cleanly from the source - Doug PORTNAME= bind98 -PORTVERSION= 9.8.3 +PORTVERSION= 9.8.3.1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ http://dougbarton.us/Downloads/%SUBDIR%/ @@ -25,7 +25,7 @@ MAINTAINER= dougb@FreeBSD.org COMMENT= The BIND DNS suite with updated DNSSEC and DNS64 # ISC releases things like 9.8.0-P1, which our versioning doesn't like -ISCVERSION= 9.8.3 +ISCVERSION= 9.8.3-P1 MAKE_JOBS_UNSAFE= yes diff --git a/dns/bind98/distinfo b/dns/bind98/distinfo index 26322da2e9b3..8152986fb8b6 100644 --- a/dns/bind98/distinfo +++ b/dns/bind98/distinfo @@ -1,4 +1,4 @@ -SHA256 (bind-9.8.3.tar.gz) = 4099a4c18d931a0d0322666ba4a93bb4f07c8644b264cda38a2431148f91b2d8 -SIZE (bind-9.8.3.tar.gz) = 6984538 -SHA256 (bind-9.8.3.tar.gz.asc) = 59146b592b74bb9c76315a0d569d3924c641984bf9e4a981fc0259d9bd0719f3 -SIZE (bind-9.8.3.tar.gz.asc) = 490 +SHA256 (bind-9.8.3-P1.tar.gz) = 850aede364f89e706dbfcbe7d70887bc3c2df468146da5cae8c8ab9ee4621891 +SIZE (bind-9.8.3-P1.tar.gz) = 7112920 +SHA256 (bind-9.8.3-P1.tar.gz.asc) = df23470f353b4f4eb70e7d34ebc7e94b55b1fc543445230a42c31ab9a49a5dc3 +SIZE (bind-9.8.3-P1.tar.gz.asc) = 481 diff --git a/dns/bind99/Makefile b/dns/bind99/Makefile index 502d5a6a5c33..94613c5bd4c7 100644 --- a/dns/bind99/Makefile +++ b/dns/bind99/Makefile @@ -11,7 +11,7 @@ # release you can generally build it cleanly from the source - Doug PORTNAME= bind99 -PORTVERSION= 9.9.1 +PORTVERSION= 9.9.1.1 CATEGORIES= dns net ipv6 MASTER_SITES= ${MASTER_SITE_ISC} \ http://dougbarton.us/Downloads/%SUBDIR%/ @@ -24,7 +24,7 @@ MAINTAINER= dougb@FreeBSD.org COMMENT= The BIND DNS suite with updated DNSSEC and DNS64 # ISC releases things like 9.8.0-P1, which our versioning doesn't like -ISCVERSION= 9.9.1 +ISCVERSION= 9.9.1-P1 MAKE_JOBS_UNSAFE= yes diff --git a/dns/bind99/distinfo b/dns/bind99/distinfo index de63ca8d55a0..17487e4bf028 100644 --- a/dns/bind99/distinfo +++ b/dns/bind99/distinfo @@ -1,4 +1,4 @@ -SHA256 (bind-9.9.1.tar.gz) = 7599ae5a7d945707926019a6b191d06775e9657c68ced00e09af5bc751dad524 -SIZE (bind-9.9.1.tar.gz) = 7092357 -SHA256 (bind-9.9.1.tar.gz.asc) = 96860076a0fa4dfba9f1bd2143a6d13a1ef9d9478a5e847cb2c28311fc517f74 -SIZE (bind-9.9.1.tar.gz.asc) = 490 +SHA256 (bind-9.9.1-P1.tar.gz) = 2dc5886b3eb6768d312b43dbe1e23a5b67b4f4dcfa1a65b1017e7710bb764627 +SIZE (bind-9.9.1-P1.tar.gz) = 7223197 +SHA256 (bind-9.9.1-P1.tar.gz.asc) = 9692338123284f8d7b580d4368f59ff845868f3534c6a5efcfb4d6fc8a69ad58 +SIZE (bind-9.9.1-P1.tar.gz.asc) = 481 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 229c2cd434f5..063bbdf413a4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -52,6 +52,57 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="1ecc0d3f-ae8e-11e1-965b-0024e88a8c98"> + <topic>dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory</topic> + <affects> + <package> + <name>bind99</name> + <range><lt>9.9.1.1</lt></range> + </package> + <package> + <name>bind98</name> + <range><lt>9.8.3.1</lt></range> + </package> + <package> + <name>bind99</name> + <range><lt>9.7.6.1</lt></range> + </package> + <package> + <name>bind99</name> + <range><lt>9.6.3.1.ESV.R7.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>ISC reports:</p> + <blockquote cite="http://www.isc.org/software/bind/advisories/cve-2012-1667"> + <p>Processing of DNS resource records where the rdata field is zero length + may cause various issues for the servers handling them.</p> + <p>Processing of these records may lead to unexpected outcomes. Recursive + servers may crash or disclose some portion of memory to the client. + Secondary servers may crash on restart after transferring a zone + containing these records. Master servers may corrupt zone data if the + zone option "auto-dnssec" is set to "maintain". Other unexpected + problems that are not listed here may also be encountered.</p> + <p>Impact: This issue primarily affects recursive nameservers. + Authoritative nameservers will only be impacted if an administrator + configures experimental record types with no data. If the server is + configured this way, then secondaries can crash on restart after + transferring that zone. Zone data on the master can become corrupted if + the zone with those records has named configured to manage the DNSSEC + key rotation.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-1667</cvename> + </references> + <dates> + <discovery>2012-06-04</discovery> + <entry>2012-06-04</entry> + </dates> + </vuln> + <vuln vid="a8864f8f-aa9e-11e1-a284-0023ae8e59f0"> <topic>databases/postgresql*-server -- crypt vulnerabilities</topic> <affects> |