Commit Graph

88 Commits

Author SHA1 Message Date
Petr Menšík
4b42a5c162 5200. [security] tcp-clients settings could be exceeded in some cases,
which could lead to exhaustion of file descriptors.
                        (CVE-2018-5743) [GL #615]
2019-05-02 14:49:56 +02:00
Petr Menšík
2aa49f0cec Update to 9.11.6
Update lastest release, patches not yet adepted for it.
2019-03-05 14:35:50 +01:00
Petr Menšík
321554b987 Update to BIND 9.11.5-P4
Add also PGP signature as part of repository.
2019-02-22 19:40:00 +01:00
Petr Menšík
6fee3d63e9 Remove revoked KSK 19164 from trusted root keys 2019-02-15 19:50:20 +01:00
Petr Menšík
13f8f23ec5 Update to 9.11.5-P1 2019-01-28 00:47:11 +01:00
Petr Menšík
ad7b3b8f12 Update to 9.11.5
Bump to higher version, update sources.

More fixes to rebased BIND. Many patches are affected by stdbool change.
Update libraries so versions.
2018-11-05 18:12:29 +01:00
Petr Menšík
0b3ef49c00 Update to bind-9.11.4-P2 2018-09-20 11:38:06 +02:00
Petr Menšík
35334375ff Update to 9.11.4-P1
- Fixes CVE-2018-5740
- Adds root key sentinel mechanism support
- incremental zone transfer limit to prevent journal corruption
- rndc reload memory leak
2018-08-09 13:13:02 +02:00
Petr Menšík
a38c250807 Update to 9.11.4
- Use more recent kyua, upstream bind now requires parallelism.
- Make global so version variables for libraries with multiple builds.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-07-13 14:14:38 +02:00
Petr Menšík
b8176e5eb4 Update named.ca 2018-04-05 16:38:16 +02:00
Petr Menšík
86ff90b834 Rebase to 9.11.3
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-03-21 17:59:41 +01:00
Petr Menšík
cb2172301b Rebase to 9.11.3b1
Remove merged upstream patches

Signed-off-by: Petr Menšík <pemensik@redhat.com>

Update new so names
2018-02-17 09:29:59 +01:00
Petr Menšík
7556fb076a Fix CVE-2017-3145, rebase to 9.11.2-P1
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2018-01-16 23:38:29 +01:00
Petr Menšík
5d8eb8cf1d Update named.ca, move named.conf out of config archive 2017-08-16 22:47:09 +02:00
Petr Menšík
7584e54e6c Update to 9.11.2 2017-08-14 12:17:30 +02:00
Petr Menšík
79d28ed32a Update to 9.11.2b1 2017-08-08 17:14:41 +02:00
Petr Menšík
e42c700db9 Update to 9.11.1-P3 2017-07-10 10:21:43 +02:00
Petr Menšík
85d0fb613e Update to 9.11.1-P2 2017-06-30 16:06:24 +02:00
Petr Menšík
08bdf0ebe6 Update to 9.11.1-P1 2017-06-15 17:19:36 +02:00
Petr Menšík
09e4b5788e - Update to 9.11.0-P5
- Use BINDVERSION for upstream version

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-04-18 10:51:38 +02:00
Petr Menšík
bbe4229562 Update to 9.11.0-P3 2017-02-10 09:20:33 +01:00
Petr Menšík
f696d69809 Update to 9.11.0-P2
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-01-12 16:09:05 +01:00
Michal Ruprich
d886cd072d Update to 9.11.0-P1 2016-11-16 08:46:09 +01:00
Petr Menšík
e94c66494e Update to 9.10.4-P4 2016-11-08 16:31:48 +01:00
Tomas Hozza
27a8e54aa7 Update to 9.10.4-P3
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-09-29 10:23:55 +02:00
Michal Ruprich
02e0755d17 Update to 9.10.4-P2
Signed-off-by: Michal Ruprich <mruprich@redhat.com>
2016-07-20 13:51:14 +02:00
Tomas Hozza
3fed71e579 Update to 9.10.4-P1 2016-05-26 17:23:15 +02:00
Tomas Hozza
83466f11b9 Update to 9.10.3-P4 due to CVE-2016-1285 CVE-2016-1286 CVE-2016-2088
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-03-11 15:02:53 +01:00
Tomas Hozza
4f7493080f Update to 9.10.3-P3 due to CVE-2015-8704 and CVE-2015-8705 (#1300051) 2016-01-21 09:51:24 +01:00
Tomas Hozza
1a8262dde0 Commented out bindkeys-file statement in default configuration (#1223365#c3)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2016-01-06 14:46:32 +01:00
Tomas Hozza
703982aa78 Update to 9.10.3-P2
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-12-16 15:39:32 +01:00
Tomas Hozza
caf3603af7 Update to 9.10.3 stable
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-17 16:17:35 +02:00
Tomas Hozza
a3771cee48 Update to 9.10.3rc1 (#1259690)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-09-04 01:50:26 +02:00
Tomas Hozza
d6c0550f5c Update to 9.10.2-P3 to fix CVE-2015-5477
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-29 10:53:07 +02:00
Tomas Hozza
1d29922e18 Update to 9.10.2-P2
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-07-09 12:13:13 +02:00
Tomas Hozza
5196f25446 Update to 9.10.2-P1
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-06-19 20:48:19 +02:00
Tomas Hozza
71f9fb4731 Utilize system-wide crypto-policies (#1179925)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 19:09:39 +02:00
Tomas Hozza
c501776f39 Don't use ISC's DLV by default (#1223365)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-05-22 17:45:37 +02:00
Tomas Hozza
be760938ec update to 9.10.2 stable
- remove parallel-build patch after discussion with upstream [ISC-Bugs #38739]

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-03-05 13:01:25 +01:00
Tomas Hozza
f3967f6469 update to 9.10.2rc2
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-23 09:59:32 +01:00
Tomas Hozza
4e2098e221 update to 9.10.2rc1
- fix nsupdate server auto-detection (#1184151)
- drop merged patch bind99-rh985918.patch

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-02-02 12:39:57 +01:00
Tomas Hozza
4fa9972d29 Update to 9.10.1-P1 stable
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-01-14 12:47:51 +01:00
Tomas Hozza
460bee9b36 Update to 9.9.6-P1 (CVE-2014-8500)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-12-09 19:01:49 +01:00
Tomas Hozza
b746061914 Update to 9.9.6
- drop merged patches and rebase some of existing patches

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-10-03 11:21:38 +02:00
Tomas Hozza
7809ef4347 Update to 9.9.5-P1
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-06-12 16:05:32 +02:00
Tomas Hozza
7ebf9a3e72 Update to 9.9.5 stable
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-02-13 09:31:31 +01:00
Tomas Hozza
fb62390fbb update to 9.9.5rc2
- merged patches dropped
- some patches rebased to the new version

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-01-24 13:08:12 +01:00
Tomas Hozza
abe4be5502 Update to bind-9.9.5b1
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-01-06 15:06:20 +01:00
Tomas Hozza
93a69bb161 Added session-keyfile statement into default named.conf since we use /run/named
Since we don't use default /var/run/named path for PID file, we should not
use it also for Dynamic DNS session key.

Therefore the following line was added into the named.conf:
session-keyfile "/run/named/session.key";

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-10-30 12:45:06 +01:00
Tomas Hozza
55d3302131 Update to bind-9.9.4 stable
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-09-23 09:26:20 +02:00