aboutsummaryrefslogtreecommitdiffstats
path: root/dns/bind96/distinfo
Commit message (Collapse)AuthorAgeFilesLines
* Update to 9.6-ESV-R8erwin2012-10-191-4/+4
| | | | Feature safe: yes
* Upgrade to the latest BIND patch level:erwin2012-10-101-4/+4
| | | | | | | A deliberately constructed combination of records could cause named to hang while populating the additional section of a response. Security: http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
* Upgrade to the latest BIND patch level:dougb2012-09-191-4/+4
| | | | | | | | | | | | | | | | | | | Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes. Prevents a crash when validating caused by using "Bad cache" data before it has been initialized. ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries. A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. For more information: https://kb.isc.org/article/AA-00788
* Heavy DNSSEC Validation Load Can Cause a "Bad Cache" Assertion Failuredougb2012-07-251-4/+4
| | | | | | | | | | | in BIND9 High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a "bad cache" data structure before it has been initialized. CVE: CVE-2012-3817 Posting date: 24 July, 2012
* Upgrade to 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, and 9.9.1-P1, the latestdougb2012-06-051-4/+4
| | | | | | | | | | | | | | | | from ISC. These patched versions contain a critical bugfix: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers may crash on restart after transferring a zone containing these records. Master servers may corrupt zone data if the zone option "auto-dnssec" is set to "maintain". Other unexpected problems that are not listed here may also be encountered. All BIND users are strongly encouraged to upgrade.
* Upgrade to BIND versions 9.9.1, 9.8.3, 9.7.6, and 9.6-ESV-R7,dougb2012-05-231-4/+4
| | | | | | | | | | | | | | | | | | | | the latest from ISC. These versions all contain the following: Feature Change * BIND now recognizes the TLSA resource record type, created to support IETF DANE (DNS-based Authentication of Named Entities) [RT #28989] Bug Fix * The locking strategy around the handling of iterative queries has been tuned to reduce unnecessary contention in a multi- threaded environment. Each version also contains other critical bug fixes. All BIND users are encouraged to upgrade to these latest versions.
* Update to version 9.6-ESV-R6, the latest from ISC, which contains numerous ↵dougb2012-04-051-4/+4
| | | | | | | | | | bug fixes. For the port, switch to using the PORTDOCS macro. Also, switch to the (identical) pkg-message in ../bind97 which was apparently missed when the other ports were converted. Feature safe: yes
* Upgrade to the latest security patch releases to address thedougb2011-11-171-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | following DDOS bug: Recursive name servers are failing with an assertion: INSIST(! dns_rdataset_isassociated(sigrdataset)) At this time it is not thought that authoritative-only servers are affected, but information about this bug is evolving rapidly. Because it may be possible to trigger this bug even on networks that do not allow untrusted users to access the recursive name servers (perhaps via specially crafted e-mail messages, and/or malicious web sites) it is recommended that ALL operators of recursive name servers upgrade immediately. For more information see: https://www.isc.org/software/bind/advisories/cve-2011-tbd which will be updated as more information becomes available. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313 Feature safe: yes
* Update to version 9.6-ESV-R5 which contains various bug fixesdougb2011-08-021-4/+4
| | | | | | and improvements: ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
* Update to versions 9.7.3-P3, and 9.6-ESV-R4-P3.dougb2011-07-061-4/+4
| | | | | | | | | | | | | | | | | | | | | | ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY This update addresses the following vulnerability: CVE-2011-2464 ============= Severity: High Exploitable: Remotely Description: A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 https://www.isc.org/software/bind/advisories/cve-2011-2464
* Upgrade to 9.6-ESV-R4-P1 and 9.7.3-P1, which address the following issues:dougb2011-05-281-4/+4
| | | | | | | | | | | | | | | | 1. Very large RRSIG RRsets included in a negative cache can trigger an assertion failure that will crash named (BIND 9 DNS) due to an off-by-one error in a buffer size check. This bug affects all resolving name servers, whether DNSSEC validation is enabled or not, on all BIND versions prior to today. There is a possibility of malicious exploitation of this bug by remote users. 2. Named could fail to validate zones listed in a DLV that validated insecure without using DLV and had DS records in the parent zone. Add a patch provided by ru@ and confirmed by ISC to fix a crash at shutdown time when a SIG(0) key is being used.
* Update to BIND 9.6.3, the latest from ISC on the 9.6 branch.dougb2011-02-051-4/+4
| | | | | | | | | | | | | | | | All 9.6 users with DNSSEC validation enabled should upgrade to this version, or the latest version in the 9.7 branch, prior to 2011-03-31 in order to avoid validation failures for names in .COM as described here: https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record In addition the fixes for this and other bugs, there are also the following: * Various fixes to kerberos support, including GSS-TSIG * Various fixes to avoid leaking memory, and to problems that could prevent a clean shutdown of named Feature safe: yes
* Update to version 9.6-ESV-R3, the latest from ISC, which addressesdougb2010-12-041-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the following security vulnerabilities. For more information regarding these issues please see: http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories 1. Cache incorrectly allows ncache and rrsig for the same type http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 Affects resolver operators whose servers are open to potential attackers. Triggering the bug will cause the server to crash. This bug applies even if you do not have DNSSEC enabled. 2. Using "allow-query" in the "options" or "view" statements to restrict access to authoritative zones has no effect. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 Affects authoritative server operators who wish to generally restrict queries to their authoritative zones, and are running 9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized end users to receive answers to queries they should not. For the port: 1. Add CONFLICT for the ../bind-tools port 2. Remove CONFLICT for the removed ../bind9 port 3. Remove OPTION for threads on < RELENG_7 4. Switch to pkg-install to create the symlinks to /etc/namedb/ as requested in [1] PR: ports/151635 [1] Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
* Update to 9.6-ESV-R2, the latest from ISC.dougb2010-10-311-6/+4
| | | | | | This version contains bug fixes that are relevant to any caching/resolving name server; as well as DNSSEC-related fixes.
* Update to the latest patch set from ISC, which addresses the following:dougb2010-05-201-6/+6
| | | | | Named could return SERVFAIL for negative responses from unsigned zones.
* Update to the latest patchfix releases to deal with the problemsdougb2010-03-171-6/+6
| | | | | | | | related to the handling of broken DNSSEC trust chains. This fix is only necessary for those who have DNSSEC validation enabled and configure trust anchors from third parties, either manually, or through a system like DLV.
* Upgrade to version 9.6.2. This version includes all previously releaseddougb2010-03-021-6/+6
| | | | | | | | | | security patches to the 9.6.1 version, as well as many other bug fixes. Due to the fact that the DNSSEC algorithm that will be used to sign the root zone is only included in this version and in 9.7.x those who wish to do validation MUST upgrade to one of these prior to July 2010. Feature safe: yes
* Upgrade to BIND 9.4.3-P5, 9.5.2-P2, and 9.6.1-P3. These versions addressdougb2010-01-251-6/+6
| | | | | | | | | | | | | | | | | | | | | the following vulnerabilities: BIND 9 Cache Update from Additional Section https://www.isc.org/advisories/CVE-2009-4022v6 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 A nameserver with DNSSEC validation enabled may incorrectly add unauthenticated records to its cache that are received during the resolution of a recursive client query BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses https://www.isc.org/advisories/CVE-2010-0097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly These issues only affect systems with DNSSEC validation enabled.
* Update to the latest patchlevels for BINDs 9.[456]. The vulnerabilitydougb2009-11-301-6/+6
| | | | | | | this is designed to fix is related to DNSSEC validation on a resolving name server that allows access to untrusted users. If your system does not fall into all 3 of these categories you do not need to update immediately.
* Update the hashes of the PGP signature files for the new releases.dougb2009-07-301-2/+2
| | | | | | | The previous signatures were derived from the wrong key. The new signatures all verify correctly. No changes to the hashes for the software itself.
* Update to patched versions which address a remote DoS vulnerability:dougb2009-07-291-6/+6
| | | | | | | | | | | | Receipt of a specially-crafted dynamic update message may cause BIND 9 servers to exit. This vulnerability affects all servers -- it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround. More details can be found here: https://www.isc.org/node/474 All BIND users are encouraged to update to a patched version ASAP.
* Update to version 9.6.1, the latest from ISC. This version containsdougb2009-06-191-6/+6
| | | | | | | numerous bug fixes and updates, especially in the DNSSEC code, including the new NSEC3 protocol. Full details are available at: http://oldwww.isc.org/sw/bind/view/?release=9.6.1&noframes=1
* Update to the -P1 versions of the current BIND ports which containdougb2009-01-081-6/+6
| | | | | | | | | | | | | | | | | | | | | | | the fix for the following vulnerability: https://www.isc.org/node/373 Description: Return values from OpenSSL library functions EVP_VerifyFinal() and DSA_do_verify() were not checked properly. Impact: It is theoretically possible to spoof answers returned from zones using the DNSKEY algorithms DSA (3) and NSEC3DSA (6). In short, if you're not using DNSSEC to verify signatures you have nothing to worry about. While I'm here, address the issues raised in the PR by adding a knob to disable building with OpenSSL altogether (which eliminates DNSSEC capability), and fix the configure arguments to better deal with the situation where the user has ssl bits in both the base and LOCALBASE. PR: ports/126297 Submitted by: Ronald F.Guilmette <rfg@tristatelogic.com>
* Update after repo-copy for BIND 9.6.0dougb2009-01-041-6/+6
|
* Upgrade to version 9.5.1 which includes numerous bug fixes and performancedougb2008-12-301-6/+6
| | | | | | | | | improvements, including, "Additional support for query port randomization including performance improvement and port range specification." When building on amd64 ports' configure doesn't properly recognize our arch, so help it along a bit. [1] Submitted by: ivan jr sy <ivan_jr@yahoo.com> [1]
* All -P2 versions now have PGP signatures with ISC's standarddougb2008-08-091-3/+3
| | | | | | | signing key. PR: ports/126389 (for bind9) Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
* Update to patchlevel 2 for all versions:dougb2008-08-021-6/+6
| | | | | | | | | | - performance improvement over the P1 releases, namely + significantly remedying the port allocation issues + allowing TCP queries and zone transfers while issuing as many outstanding UDP queries as possible + additional security of port randomization at the same level as P1 - also includes fixes for several bugs in the 9.5.0 base code
* Upgrade to the -P1 versions of each port, which add stronger randomizationdougb2008-07-101-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | of the UDP query-source ports. The server will still use the same query port for the life of the process, so users for whom the issue of cache poisoning is highly significant may wish to periodically restart their server using /etc/rc.d/named restart, or other suitable method. In order to take advantage of this randomization users MUST have an appropriate firewall configuration to allow UDP queries to be sent and answers to be received on random ports; and users MUST NOT specify a port number using the query-source[-v6] option. The avoid-v[46]-udp-ports options exist for users who wish to eliminate certain port numbers from being chosen by named for this purpose. See the ARM Chatper 6 for more information. Also please note, this issue applies only to UDP query ports. A random ephemeral port is always chosen for TCP queries. This issue applies primarily to name servers whose main purpose is to resolve random queries (sometimes referred to as "caching" servers, or more properly as "resolving" servers), although even an "authoritative" name server will make some queries, primarily at startup time. This update addresses issues raised in: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://www.kb.cert.org/vuls/id/800113 http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience
* Update for 9.5.0dougb2008-07-031-6/+6
| | | | | | | | | | | | | | | | | | | | | Some of the important features of BIND 9 are: DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests) IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA) Experimental IPv6 Resolver Library DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0 Improved standards conformance Views: One server process can provide multiple "views" of the DNS namespace, e.g. an "inside" view to certain clients, and an "outside" view to others. Multiprocessor Support, including working threads in this version BIND 9.5 has a number of new features over previous versions, including: GSS-TSIG support (RFC 3645), DHCID support Experimental http server and statistics support for named via xml More detailed statistics counters, compatible with the ones supported in BIND 8 Faster ACL processing Efficient LRU cache cleaning mechanism. NSID support (RFC 5001).
* Update to BIND 9.4.2. Many bugs are fixed, please see the CHANGESdougb2007-12-021-6/+6
| | | | | | file for more details. Approved by: portmgr (erwin)
* Update to 9.4.1-P1, which has fixes for the following:dougb2007-07-251-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | 1. The default access control lists (acls) are not being correctly set. If not set anyone can make recursive queries and/or query the cache contents. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 2. The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. This bug only affects outgoing queries, generated by BIND 9 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFYs to slave name servers. All users are encouraged to upgrade. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
* Update to version 9.4.1, a security update from ISC:dougb2007-05-011-6/+6
| | | | | | | | 2172. [bug] query_addsoa() was being called with a non zone db. [RT #16834] If you are running BIND 9.4.0 (either pre-release or final), you are advised to upgrade as soon as possible to BIND 9.4.1.
* Update to the release version of 9.4.0.dougb2007-02-261-6/+6
|
* Complete the update for bind94 after the repocopy, and hook it up.dougb2007-01-291-6/+6
|
* Upgrade to version 9.3.4, the latest from ISC, which addresses thedougb2007-01-251-6/+6
| | | | | | | | | | | | | | | | | | | | | | | following security issues. All users of BIND are encouraged to upgrade to this version. 2126. [security] Serialise validation of type ANY responses. [RT #16555] 2124. [security] It was possible to dereference a freed fetch context. [RT #16584] 2089. [security] Raise the minimum safe OpenSSL versions to OpenSSL 0.9.7l and OpenSSL 0.9.8d. Versions prior to these have known security flaws which are (potentially) exploitable in named. [RT #16391] 2088. [security] Change the default RSA exponent from 3 to 65537. [RT #16391] 2066. [security] Handle SIG queries gracefully. [RT #16300] 1941. [bug] ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642]
* Upgrade to version 9.3.3, the latest from ISC. This isdougb2006-12-101-6/+6
| | | | | | | | a maintenance release, with the usual round of bug and security fixes. All users of BIND 9 are encouraged to upgrade to this version.
* Update to version 9.3.2-P2, which addresses the vulnerabilitydougb2006-11-031-6/+6
| | | | | | | | | | | | | | | | | | | | | | announced by ISC dated 31 October (delivered via e-mail to the bind-announce@isc.org list today): Description: Because of OpenSSL's recently announced vulnerabilities (CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named, we are announcing this workaround and releasing patches. A proof of concept attack on OpenSSL has been demonstrated for CAN-2006-4339. OpenSSL is required to use DNSSEC with BIND. Fix for version 9.3.2-P1 and lower: Upgrade to BIND 9.2.3-P2, then generate new RSASHA1 and RSAMD5 keys for all old keys using the old default exponent and perform a key rollover to these new keys. These versions also change the default RSA exponent to be 65537 which is not vulnerable to the attacks described in CAN-2006-4339.
* Upgrade to version 9.3.2-P1, which addresses the following securitydougb2006-09-071-6/+6
| | | | | | | | | | | | | vulnerabilities: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en 2066. [security] Handle SIG queries gracefully. [RT #16300] http://www.kb.cert.org/vuls/id/697164 1941. [bug] ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] All users of BIND 9 are encouraged to upgrade to this version.
* Update to 9.3.2, the latest from ISCdougb2005-12-281-6/+6
|
* Add SHA256 checksums to my portsdougb2005-11-241-0/+2
|
* Upgrade to 9.3.1, the latest version from ISC. This version containsdougb2005-03-131-8/+4
| | | | | | | | | | | | | | | | | | several important fixes, including a remote (although unlikely) exploit. See the CHANGES file for details. All users of BIND 9 are highly encouraged to upgrade to this version. Changes to the port include: 1. Remove ISC patch to 9.3.0 that addressed the remote exploit 2. Change to OPTIONS, and thereby 3. --enable-threads is now the default. Users report that the new thread code in 9.3.x works significantly better than the old on all versions of FreeBSD. 4. Add a temporary shim for the old PORT_REPLACES_BASE_BIND9 option. The OPTIONS framework requires knobs to start with WITH_ or WITHOUT_ 5. Remove patch that shoehorned named.conf.5 into the right place, it has been fixed in the code.
* Include a patch from ISC to deal with the following vulnerability:dougb2005-01-291-0/+4
| | | | | | | | | | | | | | | | | | | | | | | Name: BIND: Self Check Failing [Added 2005.25.01] Versions affected: BIND 9.3.0 Severity: LOW Exploitable: Remotely Type: Denial of Service Description: An incorrect assumption in the validator (authvalidated) can result in a REQUIRE (internal consistancy) test failing and named exiting. Workarounds: Turn off dnssec validation (off by default) at the options/view level. dnssec-enable no; Active Exploits: None known Bump PORTREVISION accordingly. It should be noted that the vast majority of users would not have DNSSEC enabled, and therefore are not vulnerable to this bug.
* Update to BIND 9.3.0, the latest from ISC. This version has severaldougb2004-09-241-2/+4
| | | | | | | | | | | | | | | | significant updates, not the least of which is the new and improved DNSSEC code based on the latest standards (including DS). Various updates to the port, including: 1. Download the PGP signature 2. If running on ${OSVERSION} >= 503000, configure with threads 3. Update pkg-descr re IPv6 RRs 4. Update pkg-message to reflect a world with 6-current There is also a patch to correct a man page installation error. This problem should be fixed in the next release. Approved by: portmgr (marcus)
* Now that the SIZE thing has stabilized, add it to the ports I maintain.dougb2004-03-141-0/+1
|
* Upgrade to the 9.2.3 release versiondougb2003-10-251-1/+1
|
* Upgrade to version 9.2.3rc4.dougb2003-09-251-1/+1
| | | | | | | | The 9.2.3 code has many many bugs fixed from 9.2.2, check CHANGES for more information. The rc4 code has the delegation-only options. Check the ARM for information on how to enable it.
* * Update to version 9.2.2, the latest from ISC. This version contains nodougb2003-03-041-1/+1
| | | | | | | new features compared to 9.2.1, only bug fixes. Users of BIND 9 are highly encouraged to upgrade. * Switch to Makefile COMMENT
* Upgrade to 9.2.2rc1. This version has been available for several months, anddougb2003-01-261-1/+1
| | | | | | | | | is widely considered to be more stable than 9.2.1. I would have preferred a -REL version, but better is better. * Clean up the Makefile a little * Just say no to threads * Add the PORT_REPLACES_BASE magic, similar to the bind8 port
* Update to the latest release versiondougb2002-05-221-1/+1
|
* Upgrade to 9.2.1rc2, the latest from ISC. Numerous bugs were fixed,dougb2002-04-081-1/+1
| | | | see /usr/local/share/doc/bind9/CHANGES after installation for details.
* Upgrade to the latest release candidate, 9.2.1rc1. Numerous 9.x bugsdougb2002-03-171-1/+1
| | | | | | | | | | are fixed in this version, however BIND 9 is still recommended only for early adopters, and those that have time to closely monitor their name service. * Change PORTNAME to bind9 so that 'pkg_add -r bind' does the right thing * Use the local version of openssl, and disable threads on all but the most recent -current. Thread support is still considered experimental.
* Update port version to ISC's latest stable releasedougb2001-07-251-1/+1
|
* Upgrade to 9.1.3rc1, whose most significant change is a fix fordougb2001-05-281-1/+1
| | | | some IXFR problems.
* Upgrade to BIND 9.1.2-Release. There is no newe functionality, butdougb2001-05-091-1/+1
| | | | | it is highly recommended that all users of BIND 9 upgrade to this maintenance release.
* Update to the actual release version of 9.1.1. If you're usingdougb2001-04-031-1/+1
| | | | bind 9, upgrade to this version.
* Latest bug fixes, FOR GREAT JUSTICE !!dougb2001-03-271-1/+1
|
* Latest bug fixes and documentation updates.dougb2001-03-231-1/+1
|
* Latest bug fixes, no features added.dougb2001-03-191-1/+1
|
* Upgrade to ISC's latest. No new features, but a few useful bug fixes.dougb2001-03-111-1/+1
|
* Update to ISC's latestdougb2001-02-271-1/+1
|
* Latest update from ISC. Truly just bugfixes.dougb2001-02-131-1/+1
|
* Update to ISC's bug fix release. For those who wish to (or need to)dougb2001-02-081-1/+1
| | | | use BIND 9 this upgrade is highly recommended.
* Update to 9.1.0; replace Makefile.in patch with perl regex.will2001-01-211-1/+1
| | | | Requested by: Joong Hyun Kim <better@ns1.betterbox.net>
* Update to 9.0.1dougb2000-11-201-1/+1
| | | | | PR: ports/22941 Submitted by: Leif Neland, leifn@neland.dk
* Update to BIND version 9.0.0, now with better DNSSEC support among lotswill2000-10-291-0/+1
| | | | | | of other neat things like that. Sorry for the delay. Repo-copy by: asami
* Temporarily remove bind9, it is a repo-copy from bind8 not updated.asami2000-10-221-2/+0
| | | | | The history is safe, so just "cvs add" the files back when bind9 is ready to be committed.
* Upgrade to 8.2.2 patch 5jseger1999-11-151-3/+2
|
* Upgrade to bind-8.2.2.p3 + patch4. Fixes some security issues.jseger1999-11-121-2/+3
| | | | | Many people submitted patches for this one, and a combination of them were used.
* Upgrade to bind 8.2.1jseger1999-08-091-3/+2
| | | | | Submitted by: ust@cert.siemens.de PR: ports/12875
* Bring back bind8, even -CURRENT only has 8.1.2, this port is more up-to-date.billf1999-06-291-0/+3
| | | | Requested By: a bazillion people both on mailing lists and #FreeBSD.
* Nuke bind8, it's been in the base system for a while now.jseger1999-06-261-3/+0
|
* Use latest patches from ISC.jseger1999-06-011-0/+1
| | | | PR: ports/11784
* Upgrade to bind 8.2jseger1999-04-041-2/+2
| | | | | Submitted by: Brad Hendrickse <bradh@uunet.co.za> PR: ports/10861
* Upgrade to version 8.1.2.jseger1998-05-211-2/+2
| | | | Submitted by: Studded@dal.net
* Import of bind 8.1.1 port.jseger1997-11-261-0/+2
PR: ports/4118