| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
had both lines:
Author: ...
WWW: ....
So standardize on that, and move them to the end of the file when necessary.
Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.
s/AUTHOR/Author/
A few other various formatting issues
|
|
|
|
|
|
|
|
| |
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
|
|
|
|
|
|
|
|
| |
my ports in the past 3 weeks while ports were broken on any 10.x
machines, which means I'm unable to maintain them. So let people know
that there's no available support for them until things are back to
normal (which also means that anyone with spare time will be able
to fix them without getting approval).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to new upstream regression fix release 2.59:
Fix regression in 2.58 which caused failure to start up
with some combinations of dnsmasq config and IPv6 kernel
network config. Thanks to Brielle Bruns for the bug
report.
Improve dnsmasq's behaviour when network interfaces are
still doing duplicate address detection (DAD). Previously,
dnsmasq would wait up to 20 seconds at start-up for the
DAD state to terminate. This is broken for bridge
interfaces on recent Linux kernels, which don't start DAD
until the bridge comes up, and so can take arbitrary
time. The new behaviour lets dnsmasq poll for an arbitrary
time whilst providing service on other interfaces. Thanks
to Stephen Hemminger for pointing out the problem.
Note the 2.59.tar.lzma tarball causes the startup banner to print
2.59rc1 which I deem harmless.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
no one has stepped up to deal with:
archivers/pecl-phar Vulnerable since 2011-01-13
comms/libsyncml Depends on devel/libsoup22, which is FORBIDDEN
databases/mysql323-server Vulnerable since 2006-10-29
databases/mysql323-client Vulnerable since 2006-10-29
databases/mysql323-scripts Vulnerable since 2006-10-29
databases/mysql40-server Vulnerable since 2006-10-29
databases/mysql40-client Vulnerable since 2006-10-29
databases/mysql40-scripts Vulnerable since 2006-10-29
databases/p5-DBD-mysql40
Depends on databases/mysql40-server, which is FORBIDDEN
deskutils/buoh Depends on devel/libsoup22, which is FORBIDDEN
deskutils/libopensync-plugin-syncml
Depends on comms/libsyncml, which is DEPRECATED
devel/libsoup22 Vulnerable since 2011-07-28
dns/bind9-sdb-ldap Vulnerable since 2011-06-04
dns/bind9-sdb-postgresql Vulnerable since 2011-06-04
ftp/wgetpro Vulnerable since 2004-12-14
games/quake2forge Vulnerable since 2005-01-21
graphics/linux-tiff Vulnerable since 2004-10-13
japanese/mutt Vulnerable since 2007-07-29
japanese/asterisk14-sounds Depends on net/asterisk14, which is FORBIDDEN
net/asterisk14 Vulnerable since 2011-06-25
net/isc-dhcp31-client Vulnerable since 2011-04-10
net/isc-dhcp31-server Vulnerable since 2011-04-10
net/isc-dhcp31-relay Vulnerable since 2011-04-10
net/asterisk-app-ldap Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-app-notify Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-oh323
Depends on net/asterisk14, which is FORBIDDEN, does not compile on sparc64
net/asterisk14-addons Depends on net/asterisk14, which is FORBIDDEN
net/astfax Depends on net/asterisk14, which is FORBIDDEN
net-mgmt/nagios2 Vulnerable since 2009-06-30
www/gforge Vulnerable since 2005-08-09
www/linux-flashplugin7 Vulnerable since at least 2008-05-30
www/opera-devel Vulnerable since 2010-06-25, does not fetch
www/plone3 Vulnerable and unsupported upstream
www/serendipity-devel Vulnerable since 2008-04-25
www/ziproxy Vulnerable since 2010-06-15
www/asterisk-gui Depends on net/asterisk14, which is FORBIDDEN
x11-toolkits/linux-pango Vulnerable since 2009-05-13
|
|
|
|
|
|
|
| |
radns.c:164: error: redefinition of 'struct nd_opt_rdnss'
radns.c:177: error: redefinition of 'struct nd_opt_dnssl'
Reported by: pointyhat
|
| |
|
| |
|
|
|
|
|
|
|
| |
- Pet portlint(1)
PR: ports/161336
Submitted by: Simon Olofsson <simon@olofsson.de>
|
|
|
|
|
|
|
| |
- Fix up whitespace
PR: ports/161133
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This version of nsd is end of life since 2007 and unsupported.
See the details at http://nlnetlabs.nl/projects/nsd/nsd-v2.html.
The current version also contains a vulnerability. It is much
more sensible to move to a supported version (as available in
the port dns/nsd).
PR: ports/161122
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DEPRECATED without EXPIRATION_DATE, and the ports that depend
on them.
audio/mt-daapd
Use audio/firefly instead
databases/p5-DBIx-Class-Validation
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
devel/p5-Class-Data-Accessor
Please consider using p5-Class-Accessor-Grouped or p5-Moose
graphics/libflash
gplflash is no longer supported. Please use gnash instead
graphics/flashplayer
Depends on DEPRECATED graphics/libflash
japanese/p5-FormValidator-Simple-Plugin-Number-Phone-JP
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
net/p5-OAuth-Lite
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
net-mgmt/py-snmp
use net-mgmt/py-snmp4 instead
net-mgmt/py-twistedSNMP
Relies on net-mgmt/py-snmp, which is DEPRECATED
net-p2p/gift
unmaintained upstream for several years
net-p2p/giftcurs
unmaintained upstream for several years
net-p2p/giftoxic
unmaintained upstream for several years
net-p2p/giftui
unmaintained upstream for several years
net-p2p/apollon
Depends on net-p2p/gift, which is DEPRECATED
textproc/p5-FormValidator-Simple
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/flashplugin-mozilla
gplflash is no longer supported. Please use graphics/gnash, \
www/p5-HTML-Widget
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Plugin-AutoRestart
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Example-InstantCRUD
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-Catalyst-Plugin-FormValidator-Simple
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-Catalyst-Plugin-HTML-Widget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/asterisk-fop
Depends on www/flashplugin-mozilla which is DEPRECATED
www/p5-Handel
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-DBIx-Class-HTMLWidget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-HTML-Widget-DBIC
Disappear from CPAN
x11-wm/fvwm24
No longer supported by fvwm.org
|
|
|
|
|
|
|
|
|
|
|
|
| |
radns is an IPv6 DNS server address autoconfiguration client. It
listens for IPv6 Router Advertisements with the Recursive DNS Server
(RDNSS) and the DNS Search List (DNSSL) options and stores the search
list and address(es) in a file in the same syntax as resolv.conf(5).
WWW: http://hack.org/mc/hacks/radns/
PR: ports/159626
Submitted by: Michael Cardell Widerkrantz <mc@hack.org>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2 weeks according to portaudit (ranging from 23 days to 7 years).
The maintainers were notified by mail that this action would be taken
on 2011-09-03. (Ports for which maintainers responded have been/will be
dealt with separately.)
Also mark DEPRECATED ports that rely on the FORBIDDEN ports, and a few
ports that rely on those DEPRECATED ports.
|
| |
|
|
|
|
|
|
| |
http://lists.freebsd.org/pipermail/cvs-all/2011-July/341217.html
Approved by: maintainer timeout (2 months)
|
|
|
|
|
|
|
|
|
| |
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead
PR: 157936
Submitted by: myself
Exp-runs by: pav
Approved by: pav
|
|
|
|
|
| |
PR: ports/160828
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
| |
Pointy hat to: vsevolod
|
|
|
|
| |
With hat: perl
|
| |
|
|
|
|
|
| |
PR: ports/159920
Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu> (maintainer)
|
|
|
|
|
| |
PR: 160677
Submitted by: sthalik@tehran.lain.pl
|
|
|
|
|
|
|
|
|
| |
postgresql.
WWW: https://www.isc.org/software/bind/
PR: ports/157752
Submitted by: Josh Carroll <josh.carroll@gmail.com>
|
|
|
|
|
|
|
|
| |
- Update files/pkg-message.in [1]
PR: ports/160441
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Approved by: maintainer ([1] via mail)
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Domain-TLD/Changes
|
|
|
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
With perl@ hat
|
|
|
|
| |
Thank you for volunteering.
|
|
|
|
|
|
|
|
| |
- Update MASTER_SITES
- Add LICENSE
Reviewed by: lwhsu@
Approved by: jadawin@ (mentor)
|
|
|
|
|
| |
PR: ports/160344
Submitted by: Viktor Gal <wiking@maeth.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2011-09-01 deskutils/xopps: No more public distfiles
2011-09-01 devel/adocman: No more public distfiles
2011-09-01 devel/bisongen: No more public distfiles
2011-09-01 devel/crow: BROKEN for more than 6 month
2011-09-01 devel/p5-Config-INI-MVP: Disappear from CPAN
2011-09-01 devel/p5-Date-Set: Disappear from CPAN
2011-09-01 devel/p5-File-FTS: No more public distfiles
2011-09-01 devel/p5-PerlMenu: No more public distfiles
2011-09-01 devel/p5-Proc-PIDFile: No more public distfiles
2011-09-01 devel/p5-UNIVERSAL-exports: Disappear from CPAN
2011-09-01 devel/ruby-rbtree: No Master Site
2011-09-01 dns/host: No more public distfiles
2011-09-01 emulators/linux-padjoy: No more public distfiles
2011-09-01 emulators/mame-extras: No more public distfiles
2011-09-01 emulators/snespp: BROKEN for more than 6 month
2011-09-01 emulators/xgs: No more public distfiles
2011-09-01 ftp/gproftpd: No more public distfiles
2011-09-01 ftp/muddleftpd: No more public distfiles
|
|
|
|
|
|
|
|
| |
https://deepthought.isc.org/article/AA-00446/81/
or
/usr/local/share/doc/bind98/CHANGES
Remove the patch incorporated upstream, and add new include to plist.
|
| |
|
|
|
|
|
|
| |
Changes: http://thekelleys.org.uk/dnsmasq/CHANGELOG
Suggested by: Loic Pefferkorn.
|
|
|
|
| |
Approved by: bapt (mentor)
|
|
|
|
| |
Approved by: bapt (mentor)
|
|
|
|
|
|
|
|
|
| |
- Pass maintainership to submitter (thank you for volunteering)
- Add LICENSE
- Unbreak -- fix dependencies
PR: ports/158948
Submitted by: Jason Helfman <jhelfman@experts-exchange.com>
|
|
|
|
|
| |
PR: ports/159741
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
|
|
| |
mid 2008.
PR: ports/159624
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
|
|
|
|
|
|
|
| |
- Fixes compilation on systems that don't have math/gmp installed
PR: ports/159617
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
| |
PR: ports/159349
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
|
|
|
|
| |
- Make use of CPAN:USER macro
- Correct LICENSE (ART10 instead of ART20)
- Pet portlint(1) by reordering LICENSE section
PR: ports/159314
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
|
|
|
| |
With hat: ruby@
|
|
|
|
|
| |
PR: ports/159394
Submitted by: ports@eitanadler.com
|
|
|
|
|
|
| |
- Add LICENSE (Artistic 1 & GPLv1)
Changes: http://search.cpan.org/dist/Net-DNS-Lite/Changes
|
| |
|
| |
|
|
|
|
| |
ftp://ftp.isc.org/isc/bind9/9.7.4/RELEASE-NOTES-BIND-9.7.4.html
|
| |
|
|
|
|
|
|
| |
and improvements:
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
|
| |
|
|
|
|
|
|
|
|
| |
Add LICENSE
PR: ports/159199
Submitted by: Rob Farmer <rfarmer@predatorlabs.net> (maintainer) [1]
Approved by: tabthorpe (mentor)
|
|
|
|
| |
2011-07-25 dns/dhid: Unmaintained, distfile has changed with no explanation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
remove support for them from bsd.java.mk. As Jikes is not available in Java 1.5
or higher, remove it from bsd.java.mk too (suggested by hq@) and from the ports
which used it (only occurences were USE_JIKES=no). Support for the Blackdown VM
is also removed, as it is not available in Java 1.5 and higher.
Also remove the mapping from Java 1.1-1.4 to Java 1.5+ in bsd.java.mk to detect
old, broken ports; therefore bump the minimal value of JAVA_VERSION to 1.5.
While here, replace static values of JAVA_VERSION in files/*.in by
%%JAVA_VERSION%% .
PR: ports/158969
Submitted by: rene
Tested on: pointyhat-west -exp
|
|
|
|
|
|
|
|
| |
- Stop clobbering config files on deinstall
PR: ports/157854
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com>
Approved by: rene (mentor, implicit), maintainer timeout (14 days)
|
|
|
|
|
|
|
| |
Problem pointed out in the PR
PR: conf/155006
Submitted by: Helmut Schneider <jumper99@gmx.de>
|
| |
|
|
|
|
| |
Approved by: wxs@ (mentor)
|
|
|
|
|
|
| |
PR: ports/158865
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: bapt (mentor)
|
|
|
|
|
| |
- Disable GOST by default
- Depend on dns/ldns
|
|
|
|
|
|
| |
PR: ports/158785
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
Approved by: bapt (mentor, implicit)
|
|
|
|
|
| |
PR: ports/156029
Approved by: rene (mentor, implicit), maintainer (linimon, in PR close message)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add SPF support
- Added rotation of name servers - SF Patch ID: 2795929.
- Address sourceforge patch requests 2981978, 2795932 to add revlookupall
and raise DNSError instead of IndexError on server fail.
- Use blocking IO with timeout for TCP replies.
- Don't try to close socket when never opened.
- Clarify CNRI (academic-style) license.
PR: ports/156029
Submited by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
|
|
|
|
|
|
| |
PR: ports/157597
Submitted by: crees (me)
Reviewed by: rene (mentor, implicit), maintainer timeout (sem, 34 days)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ALL BIND USERS ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerabilities:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
https://www.isc.org/software/bind/advisories/cve-2011-2464
CVE-2011-2465
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected versions of BIND could cause the "named" process
to exit when queried, if the server has recursion enabled and was
configured with an RPZ zone containing certain types of records.
Specifically, these are any DNAME record and certain kinds of CNAME
records.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2465
https://www.isc.org/software/bind/advisories/cve-2011-2465
Additional changes in this version:
* If named is configured to be both authoritative and resursive and
receives a recursive query for a CNAME in a zone that it is
authoritative for, if that CNAME also points to a zone the server
is authoritative for, the recursive part of name will not follow
the CNAME change and the response will not be a complete CNAME
chain. [RT #24455]
Thus the patch for this bug has been removed from the port
* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
query type independant. [RT #24715] [CVE-2011-1907]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerability:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
https://www.isc.org/software/bind/advisories/cve-2011-2464
|
|
|
|
|
| |
PR: ports/157601
Approved by: rene (mentor, implicit)
|
|
|
|
|
|
| |
PR: ports/157587
Submitted by: Chris Rees <utisoft@gmail.com>
Approved by: rene (mentor)
|
| |
|
|
|
|
|
| |
Add missing #include <string.h> in dns.c (adds files/patch-dns.c)
Fix obvious format string error in html.c (adds files/patch-html.c)
|
|
|
|
|
|
| |
PR: ports/157578
Submitted by: Chris Rees (utisoft@gmail.com)
Approved by: tabthorpe (co-mentor)
|
|
|
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Amazon-Route53/Changes
PR: ports/158288
Submitted by: Jin-Sih Lin <linpct@gmail.com>
Approved by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw> (maintainer)
|
|
|
|
|
|
|
|
|
| |
directly
Expires in one month
PR: ports/157603
Approved by: rene (mentor)
|
|
|
|
| |
- Save redirects s/http/https/ for github
|
|
|
|
|
| |
PR: ports/158180
Submitted by: Niclas Zeising <niclas.zeising@gmail.com>
|
|
|
|
|
|
|
|
| |
- Add LICENSE.
PR: ports/157675
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
Approved by: maintainer timeout
|
|
|
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
- Remove MD5 checksum
- Utilize CPAN macro
|
|
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
- Remove MD5 checksum
|
|
|
|
|
|
|
|
|
| |
OO interface and an extensible API
WWW: http://rubygems.org/gems/net-dns
PR: ports/158012
Submitted by: rpsfa at rit.edu
|
| |
|
| |
|
|
|
|
|
|
| |
While I am here, use GOOGLE_CODE instead of ${MASTER_SITE_GOOGLE_CODE}
Approved by: bapt (mentor)
|
|
|
|
|
|
| |
- Add build depend to silence build warning
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
|
|
|
|
|
|
|
|
|
| |
implementation of applications for domain name checking.
WWW: http://search.cpan.org/dist/Net-DNS-Check/
PR: ports/157445
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
|
|
|
|
|
| |
PR: ports/157478
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
| |
Submitted by: Craig Leres <leres@ee.lbl.gov>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
Add a patch from ISC that will be in 9.8.1 to handle intermittent
failure of recursive queries involving CNAMEs and previously cached
responses.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
|
|
|
|
| |
* CVE-2011-1922 VU#531342 fixed
|
| |
|
|
|
|
| |
gracefully provided by danfe.
|
|
|
|
|
|
|
|
|
| |
blacklist for quick and non browser plugin based ad blocking.
WWW: http://opensource.conformal.com/wiki/Adsuck
PR: ports/156644
Submitted by: Philippe Pepiot <phil@philpep.org>
|
|
|
|
|
|
|
|
|
| |
Certain response policy zone configurations could trigger an INSIST
when receiving a query of type RRSIG.
https://www.isc.org/CVE-2011-1907
This vulnerability is only possible if you have enable the new RPZ feature.
|
| |
|
|
|
|
|
|
|
| |
- Add LICENSE
PR: ports/156804
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
|
|
|
| |
- Bump PORTREVISION
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Net::Amazon::Route53 Perl module allows you to manage DNS
records for your domains via Amazon's Route 53 service.
For more information, visit http://aws.amazon.com/route53/
WWW: http://search.cpan.org/dist/Net-Amazon-Route53/
PR: ports/156611, ports/156661
Submitted by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw>
|
| |
|
|
|
|
|
| |
PR: 156419
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
| |
- Improve ident for syslog messages to only show "maradns:" instead of "/usr/local/sbin/maradns:"
- Bump PORTREVISION
Submitted by: n j <nino80@gmail.com>
|
|
|
|
|
|
| |
PR: 156069
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Approved by: maintainer
|
|
|
|
|
|
|
| |
discovery. This method of service discovery is branded as Bonjour by
Apple Computer.
WWW: http://search.cpan.org/dist/Net-Bonjour/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2011-04-01 accessibility/linux-f8-atk: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-ucl: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-upx: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-alsa-lib: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-arts: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-esound: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-freealut: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libaudiofile: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libogg: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libvorbis: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-mikmod: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-nas-libs: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-openal: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-sdl_mixer: End of Life since Jan 7, 2009
2011-04-01 databases/linux-f8-sqlite3: End of Life since Jan 7, 2009
2011-04-02 databases/postgresql81-server: EOL see http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql73-server: EOL see http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql74-server: EOL see http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql80-server: EOL see http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-01 devel/linux-f8-libglade: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-sdl12: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-allegro: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libsigc++20: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libglade2: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-nspr: End of Life since Jan 7, 2009
2011-04-01 dns/linux-f8-libidn: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f8: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f9: End of Life since Jul 10, 2009
2011-04-01 emulators/linux_base-fc6: End of Life since December 7, 2007
2011-04-01 emulators/linux_base-f7: End of Life since June 13, 2008
2011-04-01 ftp/linux-f8-curl: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-sdl_image: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-ungif: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-imlib: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-cairo: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-dri: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-gdk-pixbuf: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-jpeg: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libGLU: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libmng: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png10: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-tiff: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-libg2c: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-tcl84: End of Life since Jan 7, 2009
2011-04-01 multimedia/linux-f8-libtheora: End of Life since Jan 7, 2009
2011-04-02 net-p2p/dcd: No fetch sources and looks like project abandoned
2011-03-31 net/straw: abandoned upstream and does not work with python 2.6+
2011-04-01 security/linux-f8-libssh2: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-nss: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-openssl: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml2: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-gtk: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-libs: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-expat: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-aspell: End of Life since Jan 7, 2009
2011-04-01 www/linux-f8-flashplugin10: End of Life since Jan 7, 2009
2011-03-30 www/mediawiki112: abandoned upstream
2011-03-30 www/mediawiki113: abandoned upstream
2011-03-30 www/mediawiki114: abandoned upstream
2011-03-30 www/mediawiki16: abandoned upstream
2011-04-01 x11-fonts/linux-f8-fontconfig: End of Life since Jan 7, 2009
2011-03-01 x11-themes/gnome-icons-cool-gorilla: "no mastersite"
2011-04-01 x11-themes/linux-f8-hicolor-icon-theme: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk2: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-openmotif: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-pango: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-qt33: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-tk84: End of Life since Jan 7, 2009
2011-04-01 x11/linux-f8-xorg-libs: End of Life since Jan 7, 2009
|
|
|
|
| |
Appoved by maintainer via mail
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bugfixes:
Do setusercontext before chroot, otherwise login.conf etc. are required inside chroot.
Bugfix #216: Fix leak of compressiontable when the domain table increases in size.
Bugfix #348: Don't include header/library path if OpenSSL is in /usr.
Bugfix #350: Refused notifies should log client ip.
Bugfix #352: Fix hard coded paths in man pages.
Bugfix #354: The realclean target deletes a bit too much.
Bugfix #357, make xfrd quit with many zones.
Bugfix #362: outgoing-interface and v4 vs. v6 leads to spurious warning messages.
Bugfix #363: nsd-checkconf -v does not print outgoing-interface ok.
Bugfix: nsd-checkconf -o outgoing-interface omits NOKEY.
Undo Bugfix #235: Don't skip dname compression, messes up packets that do need compression.
PR: ports/155785
Submitted by: Jaap Akkerhuis <jaap _at_ nlnetlabs.nl> (maintainer)
|
|
|
|
|
|
|
| |
interface list [1]
PR: 155974 [1]
Submitted by: David Naylor <naylor.b.david@gmail.com> [1]
|
|
|
|
| |
Reported by: pointyhat
|
| |
|
|
|
|
|
| |
PR: ports/155889
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
| |
|
| |
|
|
|
|
| |
Submitted by: "Wessels, Duane" <dwessels@verisign.com>
|
|
|
|
| |
Reported by: pointyhat (pav)
|
|
|
|
|
|
|
| |
- Add LICENSE information (GPLv2)
PR: ports/155191 [1]
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru> [1]
|
| |
|
| |
|
| |
|
|
|
|
| |
Approved by: jadawin@ (mentor)
|
|
|
|
|
| |
PR: 155630
Submitted by: maintainer
|
|
|
|
|
| |
PR: ports/155613
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
| |
while here remove md5
|
| |
|
| |
|
|
|
|
|
| |
PR: ports/153499
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
|
|
|
|
|
|
|
|
| |
- fix error with undefined variables on some services. This is upstream ticket #2:
http://sourceforge.net/apps/trac/ddclient/ticket/2
PR: ports/155486
Submitted by: Rob Farmer (maintainer)
|
|
|
|
| |
Submitted by: rfarmer@predatorlabs.net (new maintainer, via email)
|
|
|
|
|
|
|
| |
- Drop MD5
PR: ports/155424 [1]
Submitted by: Radek Kozlowski <radek@raadradd.com> (previous maintainer) [1]
|
|
|
|
| |
PR: 155351
|
|
|
|
|
|
|
|
|
|
| |
and it's the first publicly released forwarding implementation
that implements the DNSCurve protocol.
WWW: http://curvedns.on2it.net/
PR: ports/153881
Submitted by: Leo Vandewoestijne <freebsd at dns-lab.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New features versus previous release candidates include:
* There is a new option in dig, +onesoa, that allows the final SOA
record in an AXFR response to be suppressed. [RT #20929
* There is additional information displayed in the recursing log
(qtype, qclass, qid and whether we are following the original
name). [RT #22043]
* Added option 'resolver-query-timeout' in named.conf (max query
timeout in seconds) to set a different value than the default (30
seconds). A value of 0 means 'use the compiled in default';
anything longer than 30 will be silently set to 30. [RT #22852]
* For Mac OS X, you can now have the test interfaces used during
"make test" stay beyond reboot. See bin/tests/system/README for
details.
There are also numerous bug fixes and enhancements. See
http://ftp.isc.org/isc/bind9/9.8.0/RELEASE-NOTES-BIND-9.8.html
for more information.
|
|
|
|
|
|
|
|
|
| |
ports. All of them are End of Life (no security updates) since a loooong time.
As they are not the default, I decided to go with a short expiration date (one
month). The maintainer of the few ports which depend upon the f8 infrastructure
is informed to take action (update to the default f10 infrastructure, or to
deprecate).
|
|
|
|
| |
resolver.
|
| |
|
|
|
|
| |
Reminded by: miwi
|
|
|
|
| |
- While here kick md5 support
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Start before named, to unbreak named_wait if /etc/resolv.conf points
to dnsmasq (when named is the resolver that dnsmasq forwards to).
Is also more robust/maintenance friendly if other scripts depend on "named".
- Track if the configuration has changed since start, and upgrade reload
to restart by default in that case (can be disabled with
dnsmasq_restart="NO" in /etc/rc.conf[.local]), to work around dnsmasq
shortcoming
- Add a "logstats" action to the rcscript, and document it.
- Document the "reload" action and the new dnsmasq_restart variable.
- Properly quote variable expansions.
- Enhance pkg-message to point to the rcfile for feature documentation.
- Bump PORTREVISION to 2.
|
|
|
|
|
|
|
| |
- depend on named, in case dnsmasq uses named as resolver
- start before ntpdate and rpcbase (which require named).
Bump PORTREVISION.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove support for FreeBSD releases 6.X.
Allow build with IDN but without NLS (this requires that dns/libidn
is also built WITHOUT_NLS) to expose an upstream change. Useful for embedded
devices.
Warn user if this is requested but libidn needs NLS libraries
because in that case dnsmasq inherits the NLS dependencies from libidn.
Remove files/patch-aa, it was a preview patch from a 2.57 test release,
fixing a regression in 2.56 that caused hex constants to be rejected in
the configuratino if they contained the '*' wildcard.
Further upstream changes:
- use own header for DNS protocol, rather than using arpa/nameser.h
- correct ctype.h function argument casts (isdigit(), isxdigit(), etc.)
- Accept extra empty arguments on command line to avoid libvirt breakage.
|
|
|
|
|
|
| |
PR: 154535
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Approved by: maintainer
|
| |
|
| |
|
|
|
|
| |
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2011q1/004750.html
|
|
|
|
|
|
|
| |
Replace uni-paderborn.de master site by MASTER_SITE_LOCAL.
Add LICENSE=GPLv2.
Changelog:
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
|
|
|
|
|
|
|
|
|
|
|
| |
* The ADB hash table stores informations about which authoritative
servers to query about particular domains. Previous versions of
BIND had the hash table size as a fixed value. On a busy recursive
server, this could lead to hash table collisions in the ADB cache,
resulting in degraded response time to queries. Bind 9.8 now has a
dynamically scalable ADB hash table, which helps a busy server to
avoid hash table collisions and maintain a consistent query
response time.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Zones may be dynamically added and removed with the "rndc addzone"
and "rndc delzone" commands. These dynamically added zones are
written to a per-view configuration file. Do not rely on the
configuration file name nor contents as this will change in a
future release. This is an experimental feature at this time.
* A new command "rndc secroots" was added to dump a combined summary
of the currently managed keys combined with statically configured
trust anchors.
* Added support to load new keys into managed zones without signing
immediately with "rndc loadkeys". Added support to link keys with
"dnssec-keygen -S" and "dnssec-settime -S".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31 in
order to avoid validation failures for names in .COM as described here:
https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
In addition the fixes for this and other bugs, there are also the following:
* Various fixes to kerberos support, including GSS-TSIG
* Various fixes to avoid leaking memory, and to problems that could prevent
a clean shutdown of named
Feature safe: yes
|
|
|
|
|
|
|
|
| |
- Remove MD5 checksum
Submitted by: n j <nino80 at gmail dot com>
Security: 8015600f-2c80-11e0-9cc1-00163e5bf4f9
Feature safe: yes
|
|
|
|
|
|
|
|
|
| |
2011-01-24 dns/staticcharge: abandoned by author
2011-01-21 shells/bash3-static: Use shells/bash or shells/bash-static instead
shells/bash3 is still used by devel/quilt
Feature safe: yes
|
|
|
|
|
|
| |
PR: ports/154269
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
|
|
| |
PR: ports/154264
Submitted by: Jaap Akkerhuis <jaap@nlnetlabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
|
|
| |
PR: ports/154268
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the following new features:
* BIND now supports a new zone type, static-stub. This allows the
administrator of a recursive nameserver to force queries for a
particular zone to go to IP addresses of the administrator's choosing,
on a per zone basis, both globally or per view.
* BIND now supports Response Policy Zones, a way of expressing
"reputation" in real time via specially constructed DNS zones. See the
draft specification here:
http://ftp.isc.org/isc/dnsrpz/isc-tn-2010-1.txt
* Dynamically Loadable Zones (DLZ) now support dynamic updates.
Contributed by Andrew Tridgell of the Samba Project.
* Added a "dlopen" DLZ driver, allowing the creation of external DLZ
drivers that can be loaded as shared objects at runtime rather than
having to be linked with named at compile time. Currently this is
switched on via a compile-time option, "configure --with-dlz-dlopen".
Note: the syntax for configuring DLZ zones is likely to be refined in
future releases. Contributed by Andrew Tridgell of the Samba Project.
* numerous GSS-TSIG improvements
* There is a new update-policy match type "external". This allows
named to decide whether to allow a dynamic update by checking with an
external daemon. Contributed by Andrew Tridgell of the Samba Project.
* many other improvements
Feature safe: yes
|
|
|
|
|
|
| |
PR: ports/154026
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
|
| |
PR: 153737
Submitted by: Mahlon E. Smith
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Data-Validate-Domain/Changes
|
|
|
|
|
|
|
| |
Changes: http://dns.measurement-factory.com/tools/dnstop/src/CHANGES
PR: ports/153806
Submitted by: Mark Foster <mark AT foster.cc> (maintainer)
Approved by: sahil@/wen@ (mentors, implicit)
|
|
|
|
| |
https://lists.isc.org/pipermail/bind-users/2011-January/082285.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2010-12-30 databases/p5-sqlrelay: broken and upstream disapeared
2010-12-30 devel/php-dbg2: No upstream support
2010-12-30 dns/fourcdns: upstream has disapeared
2010-12-31 emulators/win4bsd: Development has ceased and distfile is no longer available
2010-12-31 french/mozilla-flp: www/seamonkey port is deprecated. Consider using the www/firefox-i18n.
2010-12-31 french/xtel: Minitel services will be discontinued at the end of 2010.
2010-12-30 ftp/ftpq: upstream has disapeared
2010-12-30 graphics/paintlib: does not compile with new tiff and no more maintained upstream
2010-12-30 graphics/g3dviewer: does not build with gcc 4.2, upstream disapeared
2010-12-30 lang/scriba: Does not compile with gcc 4.2+, looks like abandonware
2010-12-30 math/rascal: Broken on every arch since 2008, looks like an abandonware
2010-12-31 net-mgmt/nrg: Project has vanished. Use cacti instead.
2010-12-31 security/hostsentry: Project is dead.
2010-12-31 sysutils/kcube: Project has vanished
2010-12-31 www/cybercalendar: has been unmaintained since 2001 and is unusable with dates after 2010 (see ports/150974)
2010-12-31 www/flock: Flock 3 moves from Firefox to Chromium
2010-12-31 www/linux-flock: Flock 3 moves from Firefox to Chromium
2010-12-30 x11-clocks/xtu: Looks like abandonware
Leave java/tya in for now, as it has outstanding PRs.
|
|
|
|
|
|
|
| |
PR: ports/153292
Submitted by: myself (pgollucci)
Tested by: -exp run by pav
Approved by: portmgr (pav)
|
| |
|
|
|
|
|
|
| |
timeouts.
Hat: portmgr
|
|
|
|
|
|
| |
PR: ports/153446
Submitted by: Hung-Yi Chen <gaod at hychen.org> (maintainer)
Approved by: sahil@/wen@ (mentors, implicit)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- patch includes fix for PR ports/153165
port dns/ldns fails to build with config (EXAMPLES=on and GOST=off)
- bump PORTREVISION
PR: ports/153228 ports/153165
Submitted by: Jaap Akkerhuis <jaap _at_ NLnetLabs.nl> (new maintainer)
Approved by: Konstantin Saurbier <konstantin _at_ saurbier.net> (old maintainer)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
DEPRECATED= Past EOL
EXPIRATION_DATE= 2011-01-01
While I'm here, update CONFLICTS for bind98.
|
|
|
|
|
|
|
| |
DEPRECATED= Reaches EOL May 2011
EXPIRATION_DATE= 2011-04-30
While I'm here update CONFLICTS for bind98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with DNS64. Once 9.8.0 is released officially the -devel tag will be
removed.
BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND
architecture. Some of the important features of BIND 9 are:
DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests)
IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA)
Experimental IPv6 Resolver Library
DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0
Improved standards conformance
Views: One server process can provide multiple "views" of the DNS namespace,
e.g. an "inside" view to certain clients, and an "outside" view to others.
Multiprocessor Support
BIND 9.8 includes a number of changes from BIND 9.7 and earlier releases,
including:
Preliminary DNS64 support (AAAA synthesis only initially)
See the CHANGES file for more information on features.
WWW: https://www.isc.org/software/bind
|
|
|
|
|
|
| |
PR: ports/153192
Submitted by: Jaap Akkerhuis <jaap at NLnetLabs.nl>
Approved by: sahil@/wen@ (mentors, implicit)
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
- Bump PORTREVISION
- Remove MD5 checksum from distinfo
PR: ports/152542
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
| |
PR: ports/152578
Submitted by: Jaap Akkerhuis (jaap@NLnetLabs.nl)
Approved by: Konstantin Saurbier (konstantin@saurbier.net) (maintainer)
itetcu (mentor) (implicit)
|
|
|
|
| |
is apparently having some trouble with email.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the following security vulnerability.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
Key algorithm rollover
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
Affects resolver operators who are validating with DNSSEC,
and querying zones which are in a key rollover period.
The bug will cause answers to incorrectly be marked as insecure.
For the port:
1. Add CONFLICT for the ../bind-tools port
2. Remove CONFLICT for the removed ../bind9 port
3. Remove OPTION for threads on < RELENG_7
4. Remove MD5 from distinfo
5. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in [1]
PR: ports/151635 [1]
Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the following security vulnerabilities.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
1. Cache incorrectly allows ncache and rrsig for the same type
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
Affects resolver operators whose servers are open to potential
attackers. Triggering the bug will cause the server to crash.
This bug applies even if you do not have DNSSEC enabled.
2. Using "allow-query" in the "options" or "view" statements to
restrict access to authoritative zones has no effect.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615
Affects authoritative server operators who wish to generally
restrict queries to their authoritative zones, and are running
9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized
end users to receive answers to queries they should not.
For the port:
1. Add CONFLICT for the ../bind-tools port
2. Remove CONFLICT for the removed ../bind9 port
3. Remove OPTION for threads on < RELENG_7
4. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in [1]
PR: ports/151635 [1]
Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Add CONFLICT for the ../bind-tools port
2. Remove CONFLICT for the removed ../bind9 port
3. Remove OPTION for threads on < RELENG_7
4. Remove MD5 from distinfo
5. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in [1]
PR: ports/151635 [1]
Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the following security vulnerabilities.
For more information regarding these issues please see:
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
1. Cache incorrectly allows ncache and rrsig for the same type
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
Affects resolver operators whose servers are open to potential
attackers. Triggering the bug will cause the server to crash.
This bug applies even if you do not have DNSSEC enabled.
2. Using "allow-query" in the "options" or "view" statements to
restrict access to authoritative zones has no effect.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615
Affects authoritative server operators who wish to generally
restrict queries to their authoritative zones, and are running
9.6.2-P2 or any version of 9.7.x. The bug will allow unauthorized
end users to receive answers to queries they should not.
3. Key algorithm rollover
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
Affects resolver operators who have 9.7.2-P2 installed,
are validating with DNSSEC, and querying zones which are
in a key rollover period. The bug will cause answers to
incorrectly be marked as insecure.
For the port:
1. Add CONFLICT for the ../bind-tools port
2. Switch to pkg-install to create the symlinks to /etc/namedb/ as
requested in [1]
PR: ports/151635 [1]
Submitted by: Benjamin Lee <ben@b1c1l1.com> [1]
|
| |
|
|
|
|
|
|
|
|
| |
Remove CONFLICTS for the now-removed BIND 9.3
Remove OPTION for threads on < RELENG_7
Remove MD5 from distinfo
|
|
|
|
| |
of the long-EOL and now-removed one. :)
|
|
|
|
| |
EOL of RELENG_6.
|
|
|
|
|
|
|
|
|
|
|
| |
References:
- ports/150525
- http://www.robtex.com/dns/netleader.com.au.html
- http://www.robtex.com/dns/downtools.com.au.html
PR: ports/152392
Submitted by: Jarrod Sayers <jarrod@downtools.com.au>
Approved by: Jarrod Sayers <jarrod@netleader.com.au> (maintainer)
|
|
|
|
|
|
|
|
|
| |
with support for timeouts.
WWW: http://search.cpan.org/dist/Net-DNS-Lite/
PR: ports/152591
Submitted by: Gea-Suan Lin <gslin at gslin.org>
|
|
|
|
|
|
|
| |
PR: ports/152138
Submitted by: Gea-Suan Lin <gslin@gslin.org>
Approved by: maintainer timeout (clsung ; 15 days)
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
|
|
|
|
|
|
|
|
|
| |
- while here remove MD5 entry
bump port revision
PR: ports/152565
Submitted by: eli <elij.mx _at_ gmail.com>
Approved by: Jaap Akkerhuis <jaap _at_ nlnetlabs.nl>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- support reload command
- use nsdc cli has command and let it perform the actual start,stop,... of the daemon
- at start check if the database exists if not built it (this prevent the daemon to fail at starting)
- remove the now userless sleep in stop command
bump portrevision
PR: ports/152331
Submitted by: Philippe Pepiot <phil _at_ philpep.org>
Approved by: Jaap Akkerhuis <jaap _at_ NLnetLabs.nl> (maintainer)
|
|
|
|
|
| |
With Hat: ruby@
Sponsored by: RideCharge Inc. / TaxiMagic
|
|
|
|
|
| |
* It uses GOST by default and depends on port's openssl 1.0.0
(may be turned off by an option).
|
| |
|
|
|
|
|
|
| |
This version contains bug fixes that are relevant to any
caching/resolving name server; as well as DNSSEC-related
fixes.
|
|
|
|
|
|
| |
ports (ports@) that are broken and which seems abandonned upstream and
are broken for long or only build on 6.x which will be unsupported at that
time
|
| |
|
|
|
|
|
| |
PR: ports/151787
Submitted by: Chris St Denis <chris@ctgameinfo.com> (maintainer)
|
|
|
|
|
|
|
|
|
|
| |
using PHP5 objects, exceptions for error handling, better sockets support.
This release is (in most cases) 2x - 10x faster than Net_DNS, as well as
includes more RR's (including DNSSEC RR's), and improved sockets and streams
support.
WWW: http://pear.php.net/package/Net_DNS2/
|
| |
|
| |
|
|
|
|
| |
EXPIRATION_DATE= 2010-11-30
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
- Reset maintainer:
<rscheckelhoff@fourcalorieservers.com>: host fwd1.hosts.co.uk[85.233.160.23]
said: 550 Administrative prohibition (in reply to RCPT TO command)
|
|
|
|
|
| |
PR: 150981
Submitted by: Sten Spans <sten@blinkenlights.nl> (maintainer)
|
|
|
|
| |
Approved by: beat (co-mentor, implicit)
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
so standarize and remove it
With Hat: perl@
|
|
|
|
| |
With Hat: perl@
|
|
|
|
| |
Approved by: pgollucci (mentor)
|
|
|
|
|
| |
With Hat: ruby@
Sponsored by: RideCharge Inc. / TaxiMagic
|
|
|
|
| |
Explicitly depend on p5-Digest-SHA only if PERL_LEVEL < 501000
|
|
|
|
|
| |
Approved by: portmgr (for Mk/bsd.port.mk part)
Tested by: Multiple -exp runs
|
| |
|
|
|
|
|
| |
PR: ports/150487
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
| |
PR: 150439
Submitted by: skreuzer
|
| |
|
|
|
|
|
|
| |
PR: ports/143265
Submitted by: Hung-Yi Chen <gaod@hychen.org>
Approved by: maintainer timeout (krion ; 219 days)
|
|
|
|
|
| |
PR: ports/150248
Submitted by: Jaap Akkerhuis <japp@nlnetlabs.nl> (maintainer)
|
|
|
|
|
|
|
|
|
| |
- Add GHOST option
- While here add license
PR: ports/149975
Submitted by: Jaap Akkerhuis <jaap _at_ NLnetLabs.nl>
Approved by: Konstantin Saurbier <konstantin _at_ saurbier.net> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
| |
hopefully also understand the workings of the Domain Name System. When used to
check an domain (aka zone) is submitted to DNSCheck, it will investigate the
general health by performing various tests and sanity checks.
WWW: http://dnscheck.iis.se/
PR: ports/148370
Submitted by: dnscheckengine-port at academ.com (Stan Barber)
Approved by: tabthorpe (mentor)
|
|
|
|
|
|
| |
PR: ports/147396
Reported by: myself (pgollucci)
Submitted by: "Zane C.B." <vvelox@vvelox.net> (maintainer)
|
|
|
|
|
| |
PR: ports/149971
With Hat: ruby@
|
|
|
|
|
| |
Approved by: wen
With Hat: ruby
|
|
|
|
|
|
| |
PR: ports/149784
Submitted by: lwhsu
Approved by: Neal Nelson <neal AT nelson.name> (maintainer)
|
|
|
|
|
|
|
|
| |
- Submitter is now maintainer
- Remove useless patch file
PR: ports/149529
Submitted by: Sofian Brabez <sbrabez _AT_ gmail.com>
|
|
|
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
PR: ports/147614
Submitted by: pgollucci (myself)
Approved by: maintainer timeout (clsung; > 2.5 months)
|
| |
|
|
|
|
|
| |
PR: ports/149656
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
|
|
|
| |
- connect to license framework
- add special patch from glarkin to ensure daemon detach from tty,
change some printf to use the warning function instead.
PR: 148586
Submitted by: Chris Howey <howeyc _at_ gmail.com>
Approved by: maintainer, glarkin (mentor)
|
|
|
|
|
|
| |
PR: 148887
Submitted by: Ruben van Staveren <ruben@verweg.com>
Approved by: maitainer
|
|
|
|
|
| |
PR: ports/148309
Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
|
|
|
|
| |
Approved by: miwi (mentor)
|