buildroot/package/bind/bind.hash, branch 2016.11

bind: security bump to version 9.11.0-P1

2016-11-02T16:26:58+00:00

Fixes: CVE-2016-8864 - denial-of-service vector which can potentially be exploited against BIND 9 servers. Signed-off-by: Gustavo Zacarias [Thomas: fix hash URL in .hash file, noticed by Vicente.] Signed-off-by: Thomas Petazzoni

bind: bump version to 9.11.0

2016-10-15T09:46:33+00:00

- With the release of BIND 9.11.0, ISC is changing the open source license for BIND from the ISC license to the Mozilla Public License (MPL 2.0). See release notes: http://ftp.isc.org/isc/bind9/9.11.0/RELEASE-NOTES-bind-9.11.0.html - Explicitly enable/disable zlib support, otherwise the configure script will fail like this: checking for zlib library... yes checking for library containing deflate... no configure: error: found zlib include but not library. Signed-off-by: Vicente Olivert Riera Signed-off-by: Peter Korsgaard

bind: bump version to 9.10.4-P3

2016-09-28T11:39:18+00:00

Signed-off-by: Vicente Olivert Riera Signed-off-by: Peter Korsgaard

bind: bump version to 9.10.4-P2

2016-07-19T09:50:22+00:00

Security fixes: CVE-2016-2775 Signed-off-by: Vicente Olivert Riera Signed-off-by: Thomas Petazzoni

bind: security bump to version 9.10.4

2016-05-04T20:47:43+00:00

Fixes: CVE-2016-2088 - Duplicate EDNS COOKIE options in a response could trigger an assertion failure. Drop libressl support patch since it's upstream now. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

bind: security bump to version 9.10.3-P4

2016-03-10T19:49:52+00:00

Fixes: CVE-2016-1285 - An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c CVE-2016-1286 - A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c CVE-2016-2088 - A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

bind: security bump to version 9.10.3-P3

2016-01-26T22:05:40+00:00

Fixes: CVE-2015-8704 - apl_42.c in ISC BIND 9.x before 9.9.8-P3 and 9.9.x and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record. CVE-2015-8705 - buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

bind: bump to version 9.10.3-P2

2015-12-30T13:54:10+00:00

Leave the LTS series for the latest stable version for libressl compatibility. Unfortunately this means threads are now required, but this shouldn't be a problem for a fully-featured resolver. Drop 0001-disable-tests.patch since it's no longer required, genrandom isn't run unless the tests are called upon. Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni

bind: security bump to version 9.9.8-P2

2015-12-17T21:48:46+00:00

Fixes: Named is potentially vulnerable to the OpenSSL vulnerabilty described in CVE-2015-3193. CVE-2015-8461 - Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. CVE-2015-8000 - Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni

bind: bump to version 9.9.8

2015-10-09T13:23:46+00:00

Signed-off-by: Gustavo Zacarias Reviewed-by: Vicente Olivert Riera Tested-by: Vicente Olivert Riera Signed-off-by: Thomas Petazzoni