rpms/bind
7
0
Fork 1
Code Issues Pull Requests Releases Activity
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
76 Commits 7 Branches 59 Tags 5.5 MiB
C 52.8%
Roff 23.8%
Shell 23.2%
Makefile 0.2%
7d262e3039
Go to file
Petr Menšík 7d262e3039 Allow runtime customization of CVE-2024-1737 limits 
Do not introduce new options into configuration file. But if limits are
hit in unexpected way, allow tuning them by environment variables
DNS_RDATASET_MAX_RECORDS and DNS_RBTDB_MAX_RTYPES. They accept number of
maximum records of types. Both defaults to 100.

These replaces max-records-per-type and max-types-per-name in later
versions. But can be configured only by environment and can be
configured only globally, not in each view or zone.

Related: RHEL-49900
2024-08-27 22:32:21 +02:00
tests Merged update from upstream sources 2021-01-12 20:05:29 +00:00
.gitignore Update 9.16.23 2021-11-23 11:26:51 +01:00
bind93-rh490837.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind97-exportlib.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind97-rh645544.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.5-dlz-64bit.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.5-PIE.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.9.1-P2-dlz-libdb.patch RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.10-dist-native-pkcs11.patch Update to 9.16.16 2021-07-22 00:31:03 +02:00
bind-9.11-feature-test-named.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-fips-disable.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-fips-tests.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.11-kyua-pkcs11.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.11-rh1666814.patch Remove merged changes and update changed patch 2021-11-23 11:27:00 +01:00
bind-9.11-tests-variants.patch Update to 9.16.16 2021-07-22 00:31:03 +02:00
bind-9.11.12.tar.gz.asc RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
bind-9.14-config-pkcs11.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.14-json-c.patch Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.14.7.tar.gz.asc Merged update from upstream sources 2021-01-22 20:42:08 +00:00
bind-9.16-CVE-2021-25220-test.patch Add tests for forwarder cache poisoning scenarios 2022-04-11 18:07:08 +02:00
bind-9.16-CVE-2021-25220.patch Tighten cache protection against record from forwarders 2022-04-11 18:00:59 +02:00
bind-9.16-CVE-2022-0396.patch [CVE-2022-0396] Resolve #3112 TCP sockets stuck in CLOSE_WAIT 2022-03-25 21:03:37 +01:00
bind-9.16-CVE-2022-2795.patch Bound the amount of work performed for delegations 2022-10-04 19:52:37 +02:00
bind-9.16-CVE-2022-3080.patch Fix CVE-2022-3080 2022-09-22 22:14:55 +02:00
bind-9.16-CVE-2022-3094-1.patch Fix small differences to upstream patches 2023-02-25 03:10:37 +01:00
bind-9.16-CVE-2022-3094-2.patch Prevent flooding with UPDATE requests 2023-02-08 18:47:31 +01:00
bind-9.16-CVE-2022-3094-3.patch Prevent flooding with UPDATE requests 2023-02-08 18:47:31 +01:00
bind-9.16-CVE-2022-3094-test.patch Fix small differences to upstream patches 2023-02-25 03:10:37 +01:00
bind-9.16-CVE-2022-3736.patch Handle RRSIG queries when server-stale is active 2023-02-09 17:28:30 +01:00
bind-9.16-CVE-2022-3924.patch Fix crash when soft-quota is reached and serve-stale is active 2023-02-09 17:52:04 +01:00
bind-9.16-CVE-2022-38177.patch Fix CVE-2022-38177 2022-09-22 22:14:56 +02:00
bind-9.16-CVE-2022-38178.patch Fix CVE-2022-38178 2022-09-22 22:14:56 +02:00
bind-9.16-CVE-2023-2828.patch Fix CVE-2023-2828 2023-07-19 18:09:09 +02:00
bind-9.16-CVE-2023-2911-1.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-CVE-2023-2911-2.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-CVE-2023-2911-3.patch Fix CVE-2023-2911 2023-07-19 18:24:02 +02:00
bind-9.16-CVE-2023-3341.patch Fix CVE-2023-3341 2023-09-20 13:22:16 +02:00
bind-9.16-CVE-2023-4408-test1.patch Import tests for large DNS messages fix 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-4408-test2.patch Import tests for large DNS messages fix 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-4408.patch Prevent increased CPU load on large DNS messages 2024-03-26 12:05:22 +01:00
bind-9.16-CVE-2023-5517.patch Prevent assertion failure when nxdomain-redirect is used with 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-5679.patch Prevent assertion failure if DNS64 and serve-stale is used 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-6516-test.patch Stop crashes at masterformat system tests 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-6516.patch Specific recursive query patterns may lead to an out-of-memory condition 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2023-50387.patch Prevent increased CPU consumption in DNSSEC validator 2024-03-26 12:05:32 +01:00
bind-9.16-CVE-2024-1737-runtime-env.patch Allow runtime customization of CVE-2024-1737 limits 2024-08-27 22:32:21 +02:00
bind-9.16-CVE-2024-1737.patch Resolve CVE-2024-1737 2024-08-27 22:29:25 +02:00
bind-9.16-CVE-2024-1975.patch Resolve CVE-2024-1975 2024-08-27 22:27:20 +02:00
bind-9.16-isc_hp-additional.patch Increase size of hazard pointer array 2024-07-09 16:36:12 +02:00
bind-9.16-isc_hp-CVE-2023-50387.patch Downstream specific changes related to KeyTrap 2024-03-26 12:05:32 +01:00
bind-9.16-isc-mempool-attach.patch Add mctx attach/detach when creating/destroying a memory pool 2024-03-26 12:05:32 +01:00
bind-9.16-redhat_doc.patch Update to 9.16.13 2021-05-04 14:08:10 +02:00
bind-9.16-rh2101712.patch fixup! Have dns_zt_apply lock the zone table 2023-02-27 14:44:05 +01:00
bind-9.16-rh2133889.patch Add include to rwlocktype_t to dns/zt.h 2023-01-21 00:03:05 +01:00
bind-9.16-system-test-cds.patch Define variables used for test variants 2024-03-26 12:05:32 +01:00
bind-9.16-update-b.root-servers.net.patch Update addresses of b.root-servers.net 2023-12-07 15:20:38 +01:00
bind-9.18-CVE-2024-4076.patch Resolve CVE-2024-4076 2024-08-27 22:30:26 +02:00
bind.spec Allow runtime customization of CVE-2024-1737 limits 2024-08-27 22:32:21 +02:00
bind.tmpfiles.d RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
Changes.md Merged update from upstream sources 2021-01-22 20:42:08 +00:00
ci.fmf Merged update from upstream sources 2021-01-12 20:05:29 +00:00
codesign2021.txt Merged update from upstream sources 2021-01-22 20:42:08 +00:00
gating.yaml Update gating for RHEL9 2021-08-26 12:45:34 +02:00
generate-rndc-key.sh Merged update from upstream sources 2021-01-22 20:42:08 +00:00
ldap2zone.c RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
makefile-replace-libs.py RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-chroot-setup.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-chroot.files Propagate system emphemeral ports to chroot 2021-10-13 12:27:59 +02:00
named-chroot.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-pkcs11.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named-setup-rndc.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.conf Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.conf.sample Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.empty RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.localhost RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.loopback RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.rfc1912.zones RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.root Update addresses of b.root-servers.net 2023-12-07 15:20:38 +01:00
named.root.key Merged update from upstream sources 2021-01-22 20:42:08 +00:00
named.rwtab RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.service RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
named.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
README.md Merged update from upstream sources 2021-01-22 20:42:08 +00:00
setup-named-chroot.sh RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
setup-named-softhsm.sh RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
softhsm2.conf.in RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00
sources Update 9.16.23 2021-11-23 11:26:51 +01:00
trusted-key.key RHEL 9.0.0 Alpha bootstrap 2020-10-14 22:16:50 +02:00

README.md

BIND 9

BIND (Berkeley Internet Name Domain) is a complete, highly portable implementation of the DNS (Domain Name System) protocol.

Internet Systems Consortium (https://www.isc.org), a 501(c)(3) public benefit corporation dedicated to providing software and services in support of the Internet infrastructure, developed BIND 9 and is responsible for its ongoing maintenance and improvement.

More details about upstream project can be found on their gitlab. This repository contains only upstream sources and packaging instructions for Fedora Project.

Subpackages

The package contains several subpackages, some of them can be disabled on rebuild.

  • bind -- named daemon providing DNS server
  • bind-utils -- set of tools to analyse DNS responses or update entries (dig, host)
  • bind-doc -- documentation for current bind, BIND 9 Administrator Reference Manual.
  • bind-license -- Shared license for all packages but bind-export-libs.
  • bind-pkcs11 -- named daemon built with native PKCS#11 support. Can be disabled by --without PKCS11.
  • bind-libs and bind-libs-lite -- Shared libraries used by some others programs
  • bind-devel -- Development headers for libs.
  • bind-dlz-* -- Dynamic loadable DLZ plugins with support for external databases

Optional features

  • GSSTSIG -- Support for Kerberos authentication in BIND.
  • LMDB -- Support for dynamic database for managing runtime added zones. Provides faster removal of added zone with much less overhead. But requires lmdb linked to base libs.
  • DLZ -- Support for dynamic loaded modules providing support for features bind-sdb provides, but only small module is required.