Petr Menšík
c223e3e275
Update to 9.11.17
...
Updated a bit SDB related patches.
2020-03-31 20:37:08 +02:00
Petr Menšík
23657868e6
Update to 9.11.14
...
Includes ThreadSanitizer fixes already included as downstream patches.
Adjusts serve-stale patch, one new statistics.
2019-12-19 18:43:23 +01:00
Petr Menšík
74b53c3a58
Update to 9.11.13
2019-11-25 21:06:06 +01:00
Petr Menšík
86712fc834
Remove config archive with zone files
...
Few configuration and zone files were moved into tarball by commit
55b04de09a
. It makes tracking of changes difficult, hardens rebases,
makes difficult building without proper lookaside cache. Those files are
tiny, no need to hold them inside compressed binary archive. Move them
out.
Replaces also few places with proper directory macros.
2019-11-04 21:45:08 +01:00
Petr Menšík
d0053ae530
Update to 9.11.12 ( #1557762 )
2019-10-21 14:26:32 +02:00
Petr Menšík
69b861316f
Update to 9.11.11
...
- Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
cause unexpected results; this has been fixed. [GL #1106 ]
- named-checkconf now checks DNS64 prefixes
to ensure bits 64-71 are zero. [GL #1159 ]
- named-checkconf could crash during configuration
if configured to use "geoip continent" ACLs with
legacy GeoIP. [GL #1163 ]
- named-checkconf now correctly reports missing
dnstap-output option when
dnstap is set. [GL #1136
- Handle ETIMEDOUT error on connect() with a non-blocking
socket. [GL #1133 ]
2019-09-25 21:24:23 +02:00
Petr Menšík
72f1dad845
Update to BIND 9.11.10
2019-08-27 21:39:46 +02:00
Petr Menšík
afa1fa2af7
Update to 9.11.9
2019-08-08 12:16:51 +02:00
Petr Menšík
16ecf0736f
Update to 9.11.8
...
Contains:
5244. [security] Fixed a race condition in dns_dispatch_getnext()
that could cause an assertion failure if a
significant number of incoming packets were
rejected. (CVE-2019-6471) [GL #942 ]
5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs.
[GL #225 ]
5237. [bug] Recurse to find the root server list with 'dig +trace'.
[GL #1028 ]
2019-07-02 11:10:03 +02:00
Petr Menšík
625ca235be
Update to BIND 9.11.7
...
Fixes trusted-keys and managed-keys using the same filename.
https://downloads.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html
2019-06-10 10:41:28 +02:00
Petr Menšík
4b42a5c162
5200. [security] tcp-clients settings could be exceeded in some cases,
...
which could lead to exhaustion of file descriptors.
(CVE-2018-5743) [GL #615 ]
2019-05-02 14:49:56 +02:00
Petr Menšík
2aa49f0cec
Update to 9.11.6
...
Update lastest release, patches not yet adepted for it.
2019-03-05 14:35:50 +01:00
Petr Menšík
321554b987
Update to BIND 9.11.5-P4
...
Add also PGP signature as part of repository.
2019-02-22 19:40:00 +01:00
Petr Menšík
6fee3d63e9
Remove revoked KSK 19164 from trusted root keys
2019-02-15 19:50:20 +01:00
Petr Menšík
13f8f23ec5
Update to 9.11.5-P1
2019-01-28 00:47:11 +01:00
Petr Menšík
ad7b3b8f12
Update to 9.11.5
...
Bump to higher version, update sources.
More fixes to rebased BIND. Many patches are affected by stdbool change.
Update libraries so versions.
2018-11-05 18:12:29 +01:00
Petr Menšík
0b3ef49c00
Update to bind-9.11.4-P2
2018-09-20 11:38:06 +02:00
Petr Menšík
35334375ff
Update to 9.11.4-P1
...
- Fixes CVE-2018-5740
- Adds root key sentinel mechanism support
- incremental zone transfer limit to prevent journal corruption
- rndc reload memory leak
2018-08-09 13:13:02 +02:00
Petr Menšík
a38c250807
Update to 9.11.4
...
- Use more recent kyua, upstream bind now requires parallelism.
- Make global so version variables for libraries with multiple builds.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-07-13 14:14:38 +02:00
Petr Menšík
b8176e5eb4
Update named.ca
2018-04-05 16:38:16 +02:00
Petr Menšík
86ff90b834
Rebase to 9.11.3
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-03-21 17:59:41 +01:00
Petr Menšík
cb2172301b
Rebase to 9.11.3b1
...
Remove merged upstream patches
Signed-off-by: Petr Menšík <pemensik@redhat.com>
Update new so names
2018-02-17 09:29:59 +01:00
Petr Menšík
7556fb076a
Fix CVE-2017-3145, rebase to 9.11.2-P1
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-01-16 23:38:29 +01:00
Petr Menšík
5d8eb8cf1d
Update named.ca, move named.conf out of config archive
2017-08-16 22:47:09 +02:00
Petr Menšík
7584e54e6c
Update to 9.11.2
2017-08-14 12:17:30 +02:00
Petr Menšík
79d28ed32a
Update to 9.11.2b1
2017-08-08 17:14:41 +02:00
Petr Menšík
e42c700db9
Update to 9.11.1-P3
2017-07-10 10:21:43 +02:00
Petr Menšík
85d0fb613e
Update to 9.11.1-P2
2017-06-30 16:06:24 +02:00
Petr Menšík
08bdf0ebe6
Update to 9.11.1-P1
2017-06-15 17:19:36 +02:00
Petr Menšík
09e4b5788e
- Update to 9.11.0-P5
...
- Use BINDVERSION for upstream version
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-04-18 10:51:38 +02:00
Petr Menšík
bbe4229562
Update to 9.11.0-P3
2017-02-10 09:20:33 +01:00
Petr Menšík
f696d69809
Update to 9.11.0-P2
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-01-12 16:09:05 +01:00
Michal Ruprich
d886cd072d
Update to 9.11.0-P1
2016-11-16 08:46:09 +01:00
Petr Menšík
e94c66494e
Update to 9.10.4-P4
2016-11-08 16:31:48 +01:00
Tomas Hozza
27a8e54aa7
Update to 9.10.4-P3
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-09-29 10:23:55 +02:00
Michal Ruprich
02e0755d17
Update to 9.10.4-P2
...
Signed-off-by: Michal Ruprich <mruprich@redhat.com>
2016-07-20 13:51:14 +02:00
Tomas Hozza
3fed71e579
Update to 9.10.4-P1
2016-05-26 17:23:15 +02:00
Tomas Hozza
83466f11b9
Update to 9.10.3-P4 due to CVE-2016-1285 CVE-2016-1286 CVE-2016-2088
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-03-11 15:02:53 +01:00
Tomas Hozza
4f7493080f
Update to 9.10.3-P3 due to CVE-2015-8704 and CVE-2015-8705 ( #1300051 )
2016-01-21 09:51:24 +01:00
Tomas Hozza
1a8262dde0
Commented out bindkeys-file statement in default configuration (#1223365#c3)
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-01-06 14:46:32 +01:00
Tomas Hozza
703982aa78
Update to 9.10.3-P2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-12-16 15:39:32 +01:00
Tomas Hozza
caf3603af7
Update to 9.10.3 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-17 16:17:35 +02:00
Tomas Hozza
a3771cee48
Update to 9.10.3rc1 ( #1259690 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-04 01:50:26 +02:00
Tomas Hozza
d6c0550f5c
Update to 9.10.2-P3 to fix CVE-2015-5477
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-29 10:53:07 +02:00
Tomas Hozza
1d29922e18
Update to 9.10.2-P2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-09 12:13:13 +02:00
Tomas Hozza
5196f25446
Update to 9.10.2-P1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-06-19 20:48:19 +02:00
Tomas Hozza
71f9fb4731
Utilize system-wide crypto-policies ( #1179925 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 19:09:39 +02:00
Tomas Hozza
c501776f39
Don't use ISC's DLV by default ( #1223365 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 17:45:37 +02:00
Tomas Hozza
be760938ec
update to 9.10.2 stable
...
- remove parallel-build patch after discussion with upstream [ISC-Bugs #38739 ]
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-03-05 13:01:25 +01:00
Tomas Hozza
f3967f6469
update to 9.10.2rc2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-23 09:59:32 +01:00