Petr Menšík
69b861316f
Update to 9.11.11
...
- Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
cause unexpected results; this has been fixed. [GL #1106 ]
- named-checkconf now checks DNS64 prefixes
to ensure bits 64-71 are zero. [GL #1159 ]
- named-checkconf could crash during configuration
if configured to use "geoip continent" ACLs with
legacy GeoIP. [GL #1163 ]
- named-checkconf now correctly reports missing
dnstap-output option when
dnstap is set. [GL #1136
- Handle ETIMEDOUT error on connect() with a non-blocking
socket. [GL #1133 ]
2019-09-25 21:24:23 +02:00
Petr Menšík
72f1dad845
Update to BIND 9.11.10
2019-08-27 21:39:46 +02:00
Petr Menšík
afa1fa2af7
Update to 9.11.9
2019-08-08 12:16:51 +02:00
Petr Menšík
16ecf0736f
Update to 9.11.8
...
Contains:
5244. [security] Fixed a race condition in dns_dispatch_getnext()
that could cause an assertion failure if a
significant number of incoming packets were
rejected. (CVE-2019-6471) [GL #942 ]
5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs.
[GL #225 ]
5237. [bug] Recurse to find the root server list with 'dig +trace'.
[GL #1028 ]
2019-07-02 11:10:03 +02:00
Petr Menšík
625ca235be
Update to BIND 9.11.7
...
Fixes trusted-keys and managed-keys using the same filename.
https://downloads.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html
2019-06-10 10:41:28 +02:00
Petr Menšík
4b42a5c162
5200. [security] tcp-clients settings could be exceeded in some cases,
...
which could lead to exhaustion of file descriptors.
(CVE-2018-5743) [GL #615 ]
2019-05-02 14:49:56 +02:00
Petr Menšík
2aa49f0cec
Update to 9.11.6
...
Update lastest release, patches not yet adepted for it.
2019-03-05 14:35:50 +01:00
Petr Menšík
321554b987
Update to BIND 9.11.5-P4
...
Add also PGP signature as part of repository.
2019-02-22 19:40:00 +01:00
Petr Menšík
6fee3d63e9
Remove revoked KSK 19164 from trusted root keys
2019-02-15 19:50:20 +01:00
Petr Menšík
13f8f23ec5
Update to 9.11.5-P1
2019-01-28 00:47:11 +01:00
Petr Menšík
ad7b3b8f12
Update to 9.11.5
...
Bump to higher version, update sources.
More fixes to rebased BIND. Many patches are affected by stdbool change.
Update libraries so versions.
2018-11-05 18:12:29 +01:00
Petr Menšík
0b3ef49c00
Update to bind-9.11.4-P2
2018-09-20 11:38:06 +02:00
Petr Menšík
35334375ff
Update to 9.11.4-P1
...
- Fixes CVE-2018-5740
- Adds root key sentinel mechanism support
- incremental zone transfer limit to prevent journal corruption
- rndc reload memory leak
2018-08-09 13:13:02 +02:00
Petr Menšík
a38c250807
Update to 9.11.4
...
- Use more recent kyua, upstream bind now requires parallelism.
- Make global so version variables for libraries with multiple builds.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-07-13 14:14:38 +02:00
Petr Menšík
b8176e5eb4
Update named.ca
2018-04-05 16:38:16 +02:00
Petr Menšík
86ff90b834
Rebase to 9.11.3
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-03-21 17:59:41 +01:00
Petr Menšík
cb2172301b
Rebase to 9.11.3b1
...
Remove merged upstream patches
Signed-off-by: Petr Menšík <pemensik@redhat.com>
Update new so names
2018-02-17 09:29:59 +01:00
Petr Menšík
7556fb076a
Fix CVE-2017-3145, rebase to 9.11.2-P1
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-01-16 23:38:29 +01:00
Petr Menšík
5d8eb8cf1d
Update named.ca, move named.conf out of config archive
2017-08-16 22:47:09 +02:00
Petr Menšík
7584e54e6c
Update to 9.11.2
2017-08-14 12:17:30 +02:00
Petr Menšík
79d28ed32a
Update to 9.11.2b1
2017-08-08 17:14:41 +02:00
Petr Menšík
e42c700db9
Update to 9.11.1-P3
2017-07-10 10:21:43 +02:00
Petr Menšík
85d0fb613e
Update to 9.11.1-P2
2017-06-30 16:06:24 +02:00
Petr Menšík
08bdf0ebe6
Update to 9.11.1-P1
2017-06-15 17:19:36 +02:00
Petr Menšík
09e4b5788e
- Update to 9.11.0-P5
...
- Use BINDVERSION for upstream version
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-04-18 10:51:38 +02:00
Petr Menšík
bbe4229562
Update to 9.11.0-P3
2017-02-10 09:20:33 +01:00
Petr Menšík
f696d69809
Update to 9.11.0-P2
...
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-01-12 16:09:05 +01:00
Michal Ruprich
d886cd072d
Update to 9.11.0-P1
2016-11-16 08:46:09 +01:00
Petr Menšík
e94c66494e
Update to 9.10.4-P4
2016-11-08 16:31:48 +01:00
Tomas Hozza
27a8e54aa7
Update to 9.10.4-P3
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-09-29 10:23:55 +02:00
Michal Ruprich
02e0755d17
Update to 9.10.4-P2
...
Signed-off-by: Michal Ruprich <mruprich@redhat.com>
2016-07-20 13:51:14 +02:00
Tomas Hozza
3fed71e579
Update to 9.10.4-P1
2016-05-26 17:23:15 +02:00
Tomas Hozza
83466f11b9
Update to 9.10.3-P4 due to CVE-2016-1285 CVE-2016-1286 CVE-2016-2088
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-03-11 15:02:53 +01:00
Tomas Hozza
4f7493080f
Update to 9.10.3-P3 due to CVE-2015-8704 and CVE-2015-8705 ( #1300051 )
2016-01-21 09:51:24 +01:00
Tomas Hozza
1a8262dde0
Commented out bindkeys-file statement in default configuration (#1223365#c3)
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-01-06 14:46:32 +01:00
Tomas Hozza
703982aa78
Update to 9.10.3-P2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-12-16 15:39:32 +01:00
Tomas Hozza
caf3603af7
Update to 9.10.3 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-17 16:17:35 +02:00
Tomas Hozza
a3771cee48
Update to 9.10.3rc1 ( #1259690 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-04 01:50:26 +02:00
Tomas Hozza
d6c0550f5c
Update to 9.10.2-P3 to fix CVE-2015-5477
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-29 10:53:07 +02:00
Tomas Hozza
1d29922e18
Update to 9.10.2-P2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-09 12:13:13 +02:00
Tomas Hozza
5196f25446
Update to 9.10.2-P1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-06-19 20:48:19 +02:00
Tomas Hozza
71f9fb4731
Utilize system-wide crypto-policies ( #1179925 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 19:09:39 +02:00
Tomas Hozza
c501776f39
Don't use ISC's DLV by default ( #1223365 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 17:45:37 +02:00
Tomas Hozza
be760938ec
update to 9.10.2 stable
...
- remove parallel-build patch after discussion with upstream [ISC-Bugs #38739 ]
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-03-05 13:01:25 +01:00
Tomas Hozza
f3967f6469
update to 9.10.2rc2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-23 09:59:32 +01:00
Tomas Hozza
a1f249d671
Add the config-12.tar.bz2 to sources
...
Was removed by fedpkg new-sources
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-02 12:50:00 +01:00
Tomas Hozza
4e2098e221
update to 9.10.2rc1
...
- fix nsupdate server auto-detection (#1184151 )
- drop merged patch bind99-rh985918.patch
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-02 12:39:57 +01:00
Tomas Hozza
4fa9972d29
Update to 9.10.1-P1 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-01-14 12:47:51 +01:00
Tomas Hozza
460bee9b36
Update to 9.9.6-P1 (CVE-2014-8500)
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-12-09 19:01:49 +01:00
Tomas Hozza
b746061914
Update to 9.9.6
...
- drop merged patches and rebase some of existing patches
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-10-03 11:21:38 +02:00
Tomas Hozza
7809ef4347
Update to 9.9.5-P1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-06-12 16:05:32 +02:00
Tomas Hozza
7ebf9a3e72
Update to 9.9.5 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-02-13 09:31:31 +01:00
Tomas Hozza
fb62390fbb
update to 9.9.5rc2
...
- merged patches dropped
- some patches rebased to the new version
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-01-24 13:08:12 +01:00
Tomas Hozza
abe4be5502
Update to bind-9.9.5b1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-01-06 15:06:20 +01:00
Tomas Hozza
93a69bb161
Added session-keyfile statement into default named.conf since we use /run/named
...
Since we don't use default /var/run/named path for PID file, we should not
use it also for Dynamic DNS session key.
Therefore the following line was added into the named.conf:
session-keyfile "/run/named/session.key";
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-10-30 12:45:06 +01:00
Tomas Hozza
55d3302131
Update to bind-9.9.4 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-09-23 09:26:20 +02:00
Tomas Hozza
d010f7191d
update to bind-9.9.4rc2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-09-09 12:35:04 +02:00
Tomas Hozza
65cc9d95ad
update to bind-9.9.4rc1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-08-05 15:28:53 +02:00
Tomas Hozza
37d1c73624
update to bind-9.9.4b1
...
- drop merged RRL patch
- drop merged stat.h patch
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-07-15 13:58:12 +02:00
Tomas Hozza
0c054b2ac8
update to 9.9.3-P1 (fix for CVE-2013-3919)
...
- update RRL patch to 9.9.3-P1-rl.156.01
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-06-05 09:52:49 +02:00
Tomas Hozza
1bf060007d
update to 9.9.3
...
- install dns/update.h header
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-06-03 09:47:13 +02:00
Tomas Hozza
60039a5407
update to 9.9.3rc2
...
- part of bind97-exportlib.patch not needed any more
- bind-9.9.1-P2-multlib-conflict.patch modified to reflect latest source
- rl-9.9.3rc1.patch -> rl-9.9.3rc2.patch
- bind99-opts.patch merged
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-05-13 12:50:46 +02:00
Tomas Hozza
d0fda06135
Include recursion Warning in named.conf and named.conf.sample ( #740894 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-05-03 12:50:12 +02:00
Adam Tkac
c9b9417fb2
Update to 9.9.3rc1
...
- bind-96-libtool2.patch has been merged
- fix bind tmpfiles.d for named.pid /run migration (#920713 )
Signed-off-by: Adam Tkac <atkac@redhat.com>
2013-04-16 15:42:36 +02:00
Tomas Hozza
31f953d106
New upstream patch version fixing CVE-2013-2266 ( #928032 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-03-27 12:57:26 +01:00
Adam Tkac
2043f0c3c9
Move pidfile to /run/named/named.pid
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2013-03-19 16:03:18 +01:00
Tomas Hozza
619831eeff
Corrected IP addresses in named.ca ( #901741 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-01-28 16:12:15 +01:00
Tomas Hozza
e73262808d
update to bind-9.9.2-P1
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2012-12-05 09:30:24 +01:00
Adam Tkac
d6323c1def
Update to 9.9.2
...
- bind97-rh714049.patch has been dropped
- patches merged
- bind98-rh816164.patch
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-10-11 13:34:19 +02:00
Adam Tkac
51e3f36892
Update to bind-9.9.1-P3
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-09-13 17:16:08 +02:00
Adam Tkac
06bfaa4fef
Update to 9.9.1-P2
...
Signed-off-by: Adam Tkac <vonsch@gmail.com>
2012-07-26 13:55:23 +02:00
Adam Tkac
cf5dc7323a
Update to 9.9.1-P1 (CVE-2012-1667)
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-06-04 15:59:21 +02:00
Adam Tkac
475645f00d
Update to 9.9.1
...
- bind99-coverity.patch merged
- bind-9.5-overflow.patch merged
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-05-24 14:50:55 +02:00
Adam Tkac
dabddcf2c7
Update to 9.9.0
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-03-05 13:50:52 +01:00
Adam Tkac
124c3fc2f1
Update to 9.9.0rc2
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-02-01 12:22:27 +01:00
Adam Tkac
c7d6bc15c0
Update to 9.9.0rc1
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-01-12 11:31:27 +01:00
Adam Tkac
8e38086c4b
Update to 9.9.0b2 (CVE-2011-4313)
...
Patches merged
- bind97-rh700097.patch
- bind99-cinfo.patch
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-11-22 13:57:57 +01:00
Adam Tkac
928d804219
Upload 9.9.0b1 tarball.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-11-14 11:11:50 +01:00
Adam Tkac
771823363d
Update to 9.8.1 and fix some bugs
...
- ship /etc/trusted-key.key (needed by dig)
- use select instead of epoll in export libs (#735103 )
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-09-07 19:09:25 +02:00
Adam Tkac
86c080f6b6
Rebase to 9.8.1rc1 and update patches.
...
bind97-cleanup.patch, bind97-rh674334.patch and bind98-includes.patch were
merged.
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-08-31 15:00:04 +02:00
Adam Tkac
796ae3f199
Update to 9.8.0-P4
...
- bind98-libdns-export.patch merged
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-07-05 21:00:37 +02:00
Adam Tkac
136022b9f3
Update to 9.8.0-P2 (CVE-2011-1910)
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-05-27 10:24:33 +02:00
Adam Tkac
a3e9bb8bda
Update to 9.8.0-P1 (CVE-2011-1907).
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-05-06 11:18:17 +02:00
Adam Tkac
8bf97dc309
Update to 9.8.0.
...
- bind97-rh665971.patch merged
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-03-03 13:36:09 +01:00
Adam Tkac
5bc2b4b996
Update to 9.8.0rc1.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-02-21 17:34:54 +01:00
Adam Tkac
9dbbf53ecc
Update to 9.7.3 + minor fixes.
...
- fix dig +trace on dualstack systems (#674334 )
- fix linkage order when building on system with older BIND (#665971 )
- reduce number of gcc warnings
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-02-18 15:41:12 +01:00
Adam Tkac
2ccdf60e3a
Update to 9.7.3rc1.
...
- bind97-krb5-self.patch merged
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-01-25 11:18:27 +01:00
Adam Tkac
bd297885de
Update to 9.7.3b1.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-01-05 14:05:48 +01:00
Adam Tkac
3afaba74d9
Update to 9.7.2-P3.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-12-02 10:02:35 +01:00
Adam Tkac
5751312c59
Update to 9.7.2-P2.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-09-29 09:43:30 +02:00
Adam Tkac
9e44db5563
Re-add config-8.tar.bz2 into sources.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-09-16 11:24:53 +02:00
Adam Tkac
85ba863cb7
Update to 9.7.2.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-09-16 10:59:29 +02:00
Adam Tkac
be7323a92d
Update to 9.7.2rc1.
...
Signed-off-by: Adam Tkac <atkac@redhat.com>
2010-08-27 10:48:01 +02:00
Adam Tkac
62ad4d6446
- update to 9.7.2b1
...
- patches merged
- bind97-rh507429.patch
2010-08-03 15:00:08 +02:00
Adam Tkac
f9d514a29a
- supply root zone DNSKEY in default configuration
2010-07-19 14:24:14 +00:00
Adam Tkac
0ebd48a0e0
- update to 9.7.1-P2 (CVE-2010-0213)
2010-07-19 07:46:45 +00:00
Adam Tkac
6f55351f41
- update to 9.7.1-P1
2010-07-09 10:51:48 +00:00
Adam Tkac
de6201fdf2
- update to 9.7.1
...
- improve the "dnssec-conf" trigger
2010-06-28 11:23:34 +00:00
Adam Tkac
24bc8d6871
- upload the 9.7.1rc1 tarball and update sources and .cvsignore files
...
appropriately
2010-06-09 10:32:54 +00:00
Adam Tkac
5a5b2a1167
- update to 9.7.1b1
...
- make /var/named/dynamic as a default directory for managed DNSSEC keys
- add patch to get "managed-keys-directory" option working
- patches merged
- bind97-managed-keyfile.patch
- bind97-rh554316.patch
2010-05-31 16:51:40 +00:00