| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
PR: 179592
Submitted by: Ports Fury
|
|
|
|
|
|
|
|
|
|
| |
- Improve COMMENT and pkg-descr
- Remove obsolete knob NO_INSTALL_MANPAGES
- NOPORTDOCS -> PORT_OPTIONS:MDOCS
PR: ports/178979
Submitted by: Kevin Zheng <kevinz5000@gmail.com>
Approved by: maintainer (timeout)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Update to 1.3.0r1 [1]
- Drop port.pre.mk in favor of port.options.mk
- Unmute install commands
Changes:
https://gitweb.labs.nic.cz/?p=knot.git;a=blob_plain;f=NEWS;hb=b83f1e9f
PR: ports/179428 [1]
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
Approved by: culot / jpaetzel (mentors, implicit)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Rename to sysutils/liburcu (according to upstream)
- Update MOVED
- Remove userspace-rcu from sysutils/Makefile
- Add liburcu to sysutils/Makefile
- Update dns/knot LIB_DEPENDS dependency
While I'm here:
- Update to 0.7.6
- Add CONFIGURE_ARGS for correct --docdir
- Add regression-test: target
- Update COMMENT
- Re-order USE_* section
- pkg-descr: Tab->space in WWW:
- Update WWW: URL
Changes:
2013-01-09 Userspace RCU 0.7.6
* Discourage use of pthread_atfork() for call_rcu handlers
* Fix call_rcu fork handling
* test: fork handling
* Fix TLS detection: test with linker, add --disable-compiler-tls
* Cleanup: cast pthread_self() return value to unsigned long
* Fallback mechanism not working on platform where TLS is unsupported
PR: ports/179358
Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
Now supports NAPTR regular expression validation on all platforms,
and avoids memory exhaustion compiling pathological regular
expressions. (CVE-2013-2266) [RT #32688]
Prevents named from aborting with a require assertion failure
on servers with DNS64 enabled. These crashes might occur as a
result of specific queries that are received. (CVE-2012-5688)
[RT #30792 / #30996]
Prevents an assertion failure in named when RPZ and DNS64 are
used together. (CVE-2012-5689) [RT #32141]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00970/0/BIND-9.9.3-P1-Extended-Support-Version-Release-Notes.html
Security: CVE-2013-3919
CVE-2013-2266
CVE-2012-5688
CVE-2012-5689
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
A deliberately constructed combination of records could cause
named to hang while populating the additional section of a
response. (CVE-2012-5166) [RT #31090]
Now supports NAPTR regular expression validation on all platforms,
and avoids memory exhaustion compiling pathological regular
expressions. (CVE-2013-2266) [RT #32688]
Prevents named from aborting with a require assertion failure
on servers with DNS64 enabled. These crashes might occur as a
result of specific queries that are received. (CVE-2012-5688)
[RT #30792 / #30996]
Prevents an assertion failure in named when RPZ and DNS64 are
used together. (CVE-2012-5689) [RT #32141]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00969/0/BIND-9.8.5-P1-Release-Notes.html
Security: CVE-2013-3919
CVE-2012-5166
CVE-2013-2266
CVE-2012-5688
CVE-2012-5689
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Fixes
Prevents exploitation of a runtime_check which can crash named
when satisfying a recursive query for particular malformed zones.
(CVE-2013-3919) [RT #33690]
Prevents a named assert (crash) when validating caused by using
"Bad cache" data before it has been initialized. [CVE-2012-3817]
[RT #30025]
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process. [CVE-2012-1667] [RT #29644]
See release notes for further features and bug fixes:
https://kb.isc.org/article/AA-00968/0/BIND-9.6-ESV-R9-P1-Release-Notes.html
Security: CVE-2013-3919
CVE-2012-3817
CVE-2012-1667
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Better SOFTHSM option description
- Fix build of AUDITOR option with ruby 1.9
Changes: http://www.opendnssec.org/2013/05/16/opendnssec-1-3-14/
PR: ports/178860 [1]
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: culot (mentor)
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add PORTDOCS
- Install extra migration files
- Preserve 1.3.x as dns/opendnssec13
Changes: https://wiki.opendnssec.org/display/DOCS/New+in+OpenDNSSEC+1.4
PR: ports/178861 [1]
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> [1]
Approved by: culot (mentor), maintainer
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- address the issue raised by Bob Harold. RRL on recursive servers
applies rate limits after waiting for recursion except on
sub-domains of domains for which the server is authoritative.
- fix the bug reported by Roy Arends in which "slipped" NXDOMAIN
responses had rcode values of 0 (NoError) instead of 3 (NXDOMAIN).
- move reports of RRL drop and slip actions from the "queries"
log category to the "query-errors" category. Because they are not
in the "queres" category, enabling or disabling query logging no
longer affects them.
|
|
|
|
|
| |
PR: ports/178750
Submitted by: Rodrigo (ros) OSORIO <rodrigo@bebik.net> (maintainer)
|
| |
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
|
|
|
|
| |
third-party patch and makes the version number go "backwards".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog is here:
http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.5.1
Also pet the Makefile:
- Change ${LOCALBASE} to ${PREFIX} where applicable
- Fix overwrite of recursor.conf by changing to bsd.port.pre/post.mk (and
thus fixing ${PREFIX})
PR: ports/178340
Submitted by: Ralf van der Enden <tremere@cainites.net>
Approved by: Sten Spans <sten@blinkenlights.nl> (maintainer)
|
|
|
|
|
| |
PR: ports/178541
Submitted by: Rodrigo (ros) OSORIO <rodrigo@bebik.net> (maintainer)
|
|
|
|
|
| |
This fixes 'pretty-print-config' not including the CRYPTOPP
option in its output.
|
|
|
|
| |
Approved by: culot (mentor)
|
| |
|
|
|
|
| |
- Trim header
|
|
|
|
|
|
|
|
|
|
|
| |
- define license (CNRI)
- limit python version to 2.x only (print/except)
- convert to optionsng (DOCS case)
- clean-up pkg-descr
- bump PORTREVISION because of license file addition
PR: 177794 (based on)
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
|
|
|
|
| |
- Trim header
|
|
|
|
| |
Submitted by: Alexander Yerenkow <yerenkow@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for domain name registries/registrars/resellers
what Perl DBI is for databases.
Net::DRI offers a uniform API to access services.
It can be used by registrars to access registries.
It can be used by clients to access registrars and/or resellers.
It can be used by anonyone to do whois, DAS or IRIS DCHK queries.
WWW: http://search.cpan.org/dist/Net-DRI/
PR: ports/178298
Submitted by: Mark Felder <feld@feld.me>
|
|
|
|
|
| |
PR: 178200
Submitted by: Rodrigo (ros) OSORIO <rodrigo@bebik.net> (maintainer)
|
|
|
|
|
| |
Note: Upstream did not provide any changelog, but this update adds
support for the TLSA DNS record type.
|
|
|
|
|
|
|
| |
- Trim Makefile's header
- Pet portlint(1) by replacing tab by space in WWW link
Changes: http://search.cpan.org/dist/Net-DNS-ToolKit/Changes
|
| |
|
|
|
|
|
|
| |
While here:
- trim headers
- convert to new options framework
|
|
|
|
|
| |
PR: ports/178218
Submitted by: Jan Beich <jbeich at tormail.org>
|
|
|
|
|
| |
PR: ports/178192
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
|
|
|
|
|
|
| |
- Trim Makefile's header
- Pet portlint(1) by using space instead of tab in WWW link
Changes: http://search.cpan.org/dist/Net-DNS-Lite/Changes
|
|
|
|
|
|
| |
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig while here
Reviewed by: bapt, kwm
|
|
|
|
|
|
|
| |
While here:
- Trim headers
- Remove some useless pre.mk/post.mk
- Convert to optionsng
|
|
|
|
| |
Approved by: portmgr (bapt)
|
|
|
|
|
| |
PR: 177910
Submitted by: Ports Fury
|
|
|
|
| |
Approved by: portmgr (bapt)
|
|
|
|
|
|
|
|
|
| |
This is done in a similar manner as the old bind-tools, but uses bind99
instead of bind97 as master port.
Change bind99 to facilitate the bind-tools slave, in a simlar way as was
done for bind97.
Approved by: erwin (maintainer)
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Server-DNS/Changes
|
|
|
|
|
|
| |
connections.
It is needed for the latest version of dns/p5-POE-Component-Server-DNS.
|
| |
|
|
|
|
|
| |
2013-04-12 dns/bind97-sdb: No longer supported by ISC, use Bind 9.8 or 9.9
2013-04-12 dns/bind-tools: No longer supported by ISC, use Bind 9.8 or 9.9
|
| |
|
|
|
|
|
| |
port and not include the one from the deprecated bind97 port, which is
to be removed.
|
|
|
|
|
| |
ports and not include the one from the deprecated bind97 port, which is
to be removed.
|
| |
|
|
|
|
|
|
| |
PR: 177981
Submitted by: maintainer
Feature safe: yes
|
|
|
|
|
|
|
|
| |
- Convert tab to space in pkg-descr
PR: ports/177975
Submitted by: Danilo Egea Gondolfo <danilogondolfo@gmail.com> (maintainer)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
|
|
|
| |
New DHCPv6 stuff, ability to act as authoritative server for local data.
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The change makes "slip 1;" send only truncated (TC=1) responses.
Without the change, "slip 1;" is the same as the default of "slip 2;".
That default, which alternates truncated with dropped responses
when the rate limit is exceeded, is better for authoritative DNS
servers, because it further reduces the amplification of an attack
from about 1X to about 0.5X.
DNS RRL is not recommended for recursive servers.
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
| |
leases file for IPv6 records. The closest evidence to a changelog is
the mailing list message at
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2013q2/007028.html
(and a few prior messages in that same thread).
PR: ports/177788
Approved by: portmgr (bdrewery)
|
|
|
|
| |
source is on a different filesystem.
|
|
|
|
|
| |
- Fix COMMENT
- Trim header
|
|
|
|
| |
Most contributors copy an existing port when writing their own so reduce the number of bad examples in the tree.
|
|
|
|
|
|
| |
- While here trim header
Reported by: pointyhat
|
|
|
|
|
|
|
|
|
| |
Removed the check for regex.h in configure in order
to disable regex syntax checking, as it exposes
BIND to a critical flaw in libregex on some
platforms. [RT #32688]
Security: CVE-2013-2266
|
|
|
|
|
|
|
|
|
| |
Removed the check for regex.h in configure in order
to disable regex syntax checking, as it exposes
BIND to a critical flaw in libregex on some
platforms. [RT #32688]
Security: CVE-2013-2266
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
console/service/daemon dynamic DNS client.
It gives the possibility to have your own fixed hostname registered on the
internet, although your IP might be changing. It checks periodically whether
the IP address stored by the DNS server is the real current IP address of the
machine that is running it.
WWW: http://sourceforge.net/projects/inadyn-mt/
PR: ports/177149
Submitted by: William Grzybowski <william88@gmail.com>
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Tie-DNS/Changes
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
|
|
|
|
| |
Approved by: portmgr (bapt)
|
|
|
|
|
| |
(except for `databases/tdbc' and `devel/py-mercurialserver', where it looks
like they're being used deliberately).
|
| |
|
|
|
|
|
|
|
|
| |
working files that should not have been in the patches[1]
Also move to a versioned filename for the patches[2]
Submitted by: Robert Sargent <robtsgt@gmail.com> [1],
Vernon Schryver <vjs@rhyolite.com> [2]
|
|
|
|
|
|
|
|
| |
working files that should not have been in the patches[1]
Also move to a versioned filename for the patches[2]
Submitted by: Robert Sargent <robtsgt@gmail.com> [1],
Vernon Schryver <vjs@rhyolite.com> [2]
|
|
|
|
| |
- Trim header
|
|
|
|
|
|
| |
PR: ports/176472
Submitted by: Linus Lee <csosstudy@gmail.com>
Approved by: Maintainer timeout
|
|
|
|
|
|
|
| |
and recommend planning to move to newer versions before
June 2013.
http://www.isc.org/software/bind/versions
|
|
|
|
| |
http://www.isc.org/software/bind/versions
|
| |
|
|
|
|
| |
Submitted by: bapt@
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
|
| |
|
|
|
|
|
|
| |
- Trim header
Reviewed by: bapt
|
|
|
|
|
|
|
| |
- Pass maintainership to submitter.
PR: ports/176655
Submitted by: Danilo Egea Gondolfo <danilogondolfo@gmail.com>
|
|
|
|
| |
Submitted by: Bertrand Petit <elrond@phoe.frmug.org> (by mail)
|
|
|
|
|
|
| |
PR: ports/176156
Submitted by: Darren Pilgrim <darren.pilgrim@gmail.com>
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
| |
dns/p5-Net-DNS.
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
|
|
|
|
|
| |
PR: 176303
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
Submitted by: avl via IM
Approved by: avl via IM
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Nslookup/Changes
|
| |
|
|
|
|
| |
support. This is a requirement for Samba4 port.
|
|
|
|
|
| |
PR: 175480
Submitted by: maintainer
|
|
|
|
| |
Approved by: portmgr
|
|
|
|
|
| |
PR: ports/175900
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Features
* Support for ILNP RR types: NID, L32, L64, LP (RFC6742).
* RRL, --enable-ratelimit at configure time and config options.
* TSIG initialization only fails when there is no digest found at all.
Bugfixes
* Bugfix #478: Declaration after statement (for gcc 2.95).
* Bugfix #483: Better error message in case of TSIG error.
* Bugfix #485: TTL should not be greater than 2^31 - 1.
* Fix RCODE when CNAME loop final answer does not exist,
should return NXDOMAIN as stated by RFC 6604.
* Fix --disable-full-prehash bug, where after multiple incoming IXFRs,
NSEC3 can be removed unjustified.
PR: 175837
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A serious Multiple Zone Response Policy Zone (RPZ2)
Speed Improvement bug has been fixed.
`./configure --enable-rpz-nsip --enable-rpz-nsdname`
is now the default.
Responses affected by the all-per-second parameter
are always dropped. The slip value has no effect on them.
There are improved log messages for responses that aredropped or "slipped," because they would require an
excessive identical referral.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A serious Multiple Zone Response Policy Zone (RPZ2)
Speed Improvement bug has been fixed.
`./configure --enable-rpz-nsip --enable-rpz-nsdname`
is now the default.
Responses affected by the all-per-second parameter
are always dropped. The slip value has no effect on them.
There are improved log messages for responses that are
dropped or "slipped," because they would require an
excessive identical referral.
|
|
|
|
|
| |
PR: 175699
Submitted by: Edmondas Girkantas <eg@fbsd.lt> (maintainer)
|
|
|
|
| |
Approved by: portmgr (bapt)
|
| |
|
|
|
|
|
|
|
|
| |
- Sort TEST_DEPENDS
- Remove OPTIONS_DEFAULT: bsd.options.mk turns IPV6 on by default
- Sort MAN3
- Reformat pkg-descr
- Sort PLIST
|
|
|
|
| |
- Fix and sort PLIST: %%SITE_PERL%%/Net/DNS/RR/SIG does not exist
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Server-DNS/Changes
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Client-DNS-Recursive/Changes
|
|
|
|
|
| |
- Pacify portlint
- Convert header
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
|
|
|
|
| |
- Fix fetching
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add a patch to fix ECDSA keys (algorithms 13 & 14) for DNSSEC operation;
will be part of RC5.
- Fix CONFIGURE_ARGS for DNSSEC option (was CONFIGURE_FLAGS for some
mysterious reason) so cryptopp is actually compiled in.
Changelog: http://rtfm.powerdns.com/changelog.html#changelog-auth-3-2
PR: ports/175185
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
| |
PR: ports/174318
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de> (maintainer)
|
|
|
|
| |
- Reset maintainer
|
|
|
|
|
| |
PR: 175207
Submitted by: Simon Krenz <simon.krenz@ghostbsd.de>
|
|
|
|
|
|
| |
avoid problems with the older dialog(1) on FreeBSD 8.x
Noticed by: Terry Kennedy <terry@tmk.com>
|
|
|
|
|
| |
- Trim headers while I am here
- Clean up some trailing whitespace
|
|
|
|
|
|
|
|
|
|
|
| |
released version of January 5, 2013.
This also includes performance patches to the BIND9
Response Policy Zones (DNS RPZ), Single Zone Response
Policy Zone (RPZ) Speed Improvement, in the same
patch.
More information: http://ss.vix.su/~vjs/rrlrpz.html
|
| |
|
| |
|
|
|
|
| |
- Changelog: http://cpansearch.perl.org/src/HARDAKER/Net-DNS-ZoneFile-Fast-1.18/Changes
|
|
|
|
| |
- Changelog: http://cpansearch.perl.org/src/NLNETLABS/Net-DNS-0.72/Changes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- update MASTER_SITES list [1,2]
- add hidden devel/libexecinfo dependency (reported by pawel@)
while here:
- trim Makefile header
- convert to optionsng (PORTDOCS case)
- tab -> space change in pkg-descr:WWW
PR: 173190 [1]
PR: 174514 [2]
Submitted by: csosstudy <csosstudy@gmail.com> [1], Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer) [2]
|
|
|
|
| |
Submitted by: Baptiste Daroussin <bapt@FreeBSD.org>
|
|
|
|
| |
Approved by: portmgr
|
|
|
|
|
| |
PR: ports/174619
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
|
|
|
|
|
|
|
|
| |
- Use CXXFLAGS, PTHREAD_LIBS during build
- Fix typo in pkg-descr
- Give maintainership to submitter
PR: ports/174005 [1]
Submitted by: Rodrigo (ros) OSORIO <rodrigo@bebik.net>
|
|
|
|
|
|
|
| |
- Convert tab -> space WWW: line
PR: ports/174317 [1]
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de> (maintainer)
|
|
|
|
| |
- Changelog: http://cpansearch.perl.org/src/DESPAIR/Net-Domain-ExpireDate-1.09/Changes
|
|
|
|
|
|
|
|
|
| |
and no longer seems neccessary.
- Remove superfluous PORTVERSION and space
- Remove COPYING from PORTDOCS since LICENSE is defined
- Drop ABI version from LIB_DEPENDS
- Tab -> space in pkg-descr WWW line
- Remove FreeBSD keyword from pkg-plist
|
|
|
|
| |
- Changelog: http://cpansearch.perl.org/src/NLNETLABS/Net-DNS-0.71/Changes
|
|
|
|
|
|
|
| |
- Several fixes: http://www.knot-dns.cz/
PR: ports/174515
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
|
|
|
| |
lang/perl5.8 and lang/5.10 will be removed from ports tree soon.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream changes:
Fix regression which broke forwarding of queries sent via
TCP which are not for A and AAAA and which were directed to
non-default servers. Thanks to Niax for the bug report.
Fix failure to build with DHCP support excluded. Thanks to
Gustavo Zacarias for the patch.
Fix nasty regression in 2.64 which completely broke cacheing.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream changes:
TCP which are not for A and AAAA and which were directed to
non-default servers. Thanks to Niax for the bug report.
Fix failure to build with DHCP support excluded. Thanks to
Gustavo Zacarias for the patch.
Fix nasty regression in 2.64 which completely broke cacheing.
|
| |
|
|
|
|
|
|
|
|
| |
- This also allows more than one DLZ option
to be set.[2]
Submitted by: bapt [1] (as RADIO)
Suggested by: az [2] (thus GROUP instead)
|
|
|
|
|
| |
PR: ports/174396
Approved by: Mark Foster <mark@foster.cc>
|
|
|
|
| |
- Convert to new options framework
|
|
|
|
|
|
| |
For dns/openresolv give proper attribution. This was a copy/paste
mistake the submitter made, which incorrectly gave me attribution
for that file. I did not create it.
|
|
|
|
| |
- Changelog: http://cpansearch.perl.org/src/NLNETLABS/Net-DNS-0.70/Changes
|
|
|
|
| |
suppress any reference to JAVA_VERSION= 1.5+ (part2)
|
|
|
|
|
| |
Reported by: portscout
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BIND 9 nameservers using the DNS64 IPv6 transition mechanism are
vulnerable to a software defect that allows a crafted query to
crash the server with a REQUIRE assertion failure. Remote
exploitation of this defect can be achieved without extensive
effort, resulting in a denial-of-service (DoS) vector against
affected servers.
Security: 2892a8e2-3d68-11e2-8e01-0800273fe665
CVE-2012-5688
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Feature safe: yes
Changelog for version 2.64:
Handle DHCP FQDN options with all flag bits zero and --dhcp-client-update set.
Thanks to Bernd Krumbroeck for spotting the problem.
Finesse the check for /etc/hosts names which conflict with DHCP names.
Previously a name/address pair in /etc/hosts which didn't match the
name/address of a DHCP lease would generate a warning. Now that only
happesn if there is not also a match. This allows multiple addresses for
a name in /etc/hosts with one of them assigned via DHCP.
Fix broken vendor-option processing for BOOTP. Thanks to Hans-Joachim
Baader for the bug report.
Don't report spurious netlink errors, regression in 2.63. Thanks to
Vladislav Grishenko for the patch.
Flag DHCP or DHCPv6 in starup logging. Thanks to Vladislav Grishenko for
the patch.
Add SetServersEx method in DBus interface. Thanks to Dan Williams for
the patch.
Add SetDomainServers method in DBus interface. Thanks to Roy Marples for
the patch.
Fix build with later Lua libraries. Thansk to Cristian Rodriguez for the
patch.
Add --max-cache-ttl option. Thanks to Dennis Kaarsemaker for the patch.
Fix breakage of --host-record parsing, resulting in infinte loop at
startup. Regression in 2.63. Thanks to Haim Gelfenbeyn for spotting
this.
Set SO_REUSEADDRESS and SO_V6ONLY options on the DHCPv6 socket, this
allows multiple instances of dnsmasq on a single machine, in the same
way as for DHCPv4. Thanks to Gene Czarcinski and Vladislav Grishenko for
work on this.
Fix DHCPv6 to do access control correctly when it's configured with
--listen-address. Thanks to Gene Czarcinski for sorting this out.
Add a "wildcard" dhcp-range which works for any IPv6 subnet,
--dhcp-range=::,static Useful for Stateless DHCPv6. Thanks to Vladislav
Grishenko for the patch.
Don't include lease-time in DHCPACK replies to DHCPINFORM queries, since
RFC-2131 says we shouldn't. Thanks to Wouter Ibens for pointing this
out.
Makefile tweak to do dependency checking on header files. Thanks to
Johan Peeters for the patch.
Check interface for outgoing unsolicited router advertisements, rather
than relying on interface address configuration. Thanks to Gene
Czarinski for the patch.
Handle better attempts to transmit on interfaces which are still doing
DAD, and specifically do not just transmit without setting source
address and interface, since this can cause very puzzling effects when a
router advertisement goes astray. Thanks again to Gene Czarinski.
Get RA timers right when there is more than one dhcp-range on a subnet.
|
|
|
|
|
|
|
|
| |
Add a patch to build with clang.
PR: ports/173861
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
Feature safe: yes
|
|
|
|
|
|
|
| |
- Cleanup Makefile header
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
| |
while here:
- trim Makefile header
- remove trailin dots from options descriptions
PR: 174094
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
|
|
|
|
| |
- remove Author field, while here
PR: 172886
Submitted by: Aldis Berjoza <graudeejs@gmail.com>
Approved by: maintainer timeout (1 month+)
Feature safe: yes
|
|
|
|
|
| |
Submitted by: Kazunori Fujiwara <fujiwara@jprs.co.jp>
Feature safe: yes
|
|
|
|
|
|
| |
provide any additional security.
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2012-11-26 irc/tr-ircd: No more public distfiles
2012-11-26 lang/imp-interpreter: No more public distfiles
2012-11-26 games/xquarto: No more public distfiles
2012-11-26 games/six: No more public distfiles
2012-11-26 finance/gfp: No more public distfiles
2012-11-26 games/44bsd-hunt: No more public distfiles
2012-11-26 graphics/ale: No more public distfiles
2012-11-26 german/digibux: No more public distfiles
2012-11-26 java/eclipse-clay-core: No more public distfiles
2012-11-26 games/xbloody: No more public distfiles
2012-11-26 dns/sqldjbdns: No more public distfiles
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
| |
- Fix a typo in the OPTIONSNG conversion
- Add FIXED_RRSET option
- Add RPZ options (9.8 and 9.8 only)
PR: 172586
Submitted by: Craig Leres <leres@ee.lbl.gov>
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
| |
Bugfixes:
* Fixed crash on reload when config contained duplicate zones.
* Fixed scheduling of transfers.
* Fixed debug message.
PR: 173422
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
| |
ldns 1.6.14 and ldns 1.6.15 had a bug in creating empty
bitmaps for NSEC3 on empty non-terminals; and were
unable to build a loadable pyldns module.
This release has those two bugs resolved.
PR: 173626
Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr>
Approved by: maintainer
Feature safe: yes
|
|
|
|
|
| |
Notified by: ak@ravenloft.kiev.ua (via irc)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
|
|
|
| |
- Use github macros
- Update WWW, project moved to github
- Trim header
Feature safe: yes
|
|
|
|
|
|
|
| |
is required for the upcoming dns/sshfp update
- Register CONFLICTS and PKGNAMEPREFIX in dns/ldns
Feature safe: yes
|
|
|
|
|
|
| |
PR: ports/173709
Submitted by: Ilya Bakulin <webmaster at kibab.com>
Feature safe: yes
|
|
|
|
| |
Feature safe: yes (leaf port)
|
|
|
|
|
|
|
| |
- do not bumping PORTREVISION because it's not default
Submitted by: bapt (by mail)
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
| |
pre-OptionsNG status quo
- Shorten GOST option description, to fit in old dialog's line restrictions on 8.x
- Use standard EXAMPLES/DOXYGEN descriptions
- Remove quotes from option descriptions
Approved by: Jaap Akkerhuis <jaap at NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Trim header
Changes:
* Bugfixes
* New Feature: Use of writev, to improve TCP response time
PR: ports/173261
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
|
|
|
|
|
| |
chroot (NanoBSD for example). So use truncate -s... instead of dd
if=/dev/zero... to initialise the pdns DB.
PR: pors/172268
Submitted by: n_hibma
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add an entry to UPDATING about binary incompatibility in previous version of ldns
- Fix OptionsNG
- Bump PORTREVISION for all ports dependent on dns/ldns
- Remove ABI version numbers from LIB_DEPENDS while I'm here
PR: ports/173080 [1]
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) [1]
Approved by: portmgr (erwin)
Feature safe: yes
|
|
|
|
|
|
| |
PR: 172590
Submitted by: Hirohisa Yamaguchi (umq.876-gmail.com)
Feature safe: yes
|
|
|
|
|
|
|
| |
PR: ports/172556
Submitted by: pgj
Approved by: maintainer
Feature safe: yes
|
|
|
|
|
|
|
| |
public distfiles are available, or for which are -devel version with a more
recent stable version for long
Feature safe: yes
|
|
|
|
|
|
|
| |
avoid problems with the older dialog(1) on FreeBSD 8.x
Noticed by: Terry Kennedy <terry@tmk.com>
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2012-10-20 games/xripple: No more public distfiles
2012-10-20 games/wolf3d: No more public distfiles
2012-10-20 games/pets: No more public distfiles
2012-10-20 games/linux-enemyterritory-fortress: No more public distfiles
2012-10-20 games/linux-enemyterritory-etpub: No more public distfiles (for the .pk3)
2012-10-20 games/freesci: No more public distfiles
2012-10-20 dns/gresolver: No more public distfiles
2012-10-20 devel/vb2c: No more public distfiles
2012-10-20 devel/portlet-api: No more public distfiles
2012-10-20 devel/libsigc++: Abandoned upstream, no more depending ports
2012-10-20 devel/klassmodeler: Abandonware, depends on the deprecated wxGTK 2.4
2012-10-20 devel/ecos-tools: Depends on an obsolete version of wx, broken with gcc4.2 for long
2012-10-20 devel/datadesigner: Abandonware, depends on the deprecated wxGTK 2.4
Feature safe: yes
|
|
|
|
|
|
| |
- Turn on IPv6 support by default
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
| |
- Shrink pkg-desc to make portlint happy
- Trim Makefile headers
- Cleanup CLANG patch
- Drop maintainership
PR: ports/172949
Submitted by: Takefu <takefu@airport.fm>
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
| |
- Convert to OptionsNG [2]
Changes: http://www.nlnetlabs.nl/svn/ldns/tags/release-1.6.14/Changelog
PR: ports/173003 [1]
ports/171934 [2]
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) [1]
Takefu <takefu@airport.fm> [2]
Feature safe: yes
|
|
|
|
|
|
|
| |
PR: 172903
Submitted by: me
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
| |
Submitted by: zeising
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add dns/py-dnspython to RUN_DEPENDS too, because easyzone will not
work w/o it
- remove some redundant python specific knobs: PYDISTUTILS_NOEGGINFO,
PYDISTUTILS_PKGNAME
- use PYEASYINSTALL_EGG in pkg-plist instead of redundant passing
PORTVERSION and PYTHON_VER there
- bump PORTREVISION because of dependencies change
PR: 172446
Submitted by: rm (myself)
Approved by: Attila Nagy <bra at fsn dot hu> (maintainer, by mail)
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
| |
Feature safe: yes
|
|
|
|
|
| |
- Trim header
- Use USE_GITHUB for fetching
|
|
|
|
|
|
|
| |
A deliberately constructed combination of records could cause named
to hang while populating the additional section of a response.
Security: http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
|
|
|
|
| |
security releases.
|
|
|
|
|
|
|
|
| |
various ports that I've created.
I bid fond fare well
A chapter closes for me
What opens for you?
|
| |
|
|
|
|
|
|
| |
options dialog every time (to let him actually save the chosen options)
Reported by: bapt
|
|
|
|
| |
Approved by: maintainer, freebsd@dns-lab.com
|
|
|
|
|
| |
PR: 172303
Submitted by: maintainer, freebsd@dns-lab.com
|
| |
|
|
|
|
|
|
| |
Mark opendd broken
Approved by: maintainer timeout (>= 3 months)
|
|
|
|
|
| |
Note: Upstream did not provide any changelog, but this update allows to
deal with new bind output formats.
|
|
|
|
| |
- Convert to new Makefile format
|
|
|
|
|
|
|
|
|
|
|
|
| |
- convert to optionsng
while here:
- limit python version to 2.x only
- remove deprecated attribution in pkg-descr
PR: 171786
Submitted by: William Grzybowski <william88 at gmail dot com>
Approved by: Andy Greenwood <greenwood.andy at gmail dot com> (prev maintainer)
|
| |
|
| |
|
|
|
|
| |
distilator
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.
Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.
ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.
For more information: https://kb.isc.org/article/AA-00788
|
|
|
|
|
|
|
|
|
|
| |
- Update WWW to new location [1]
- Switch to GNU_CONFIGURE so that PREFIX is
properly respected on install, when not
set to LOCALBASE
PR: ports/170817 [1]
Submitted by: Stefan Caunter <stef@scaleengine.com> (maintainer)
|
|
|
|
|
| |
PR: ports/171526
Submitted by: Jaap Akkerhuis <jaap at NLnetLabs.nl>
|
|
|
|
| |
Submitted by: Anton Yuzhaninov <citrin at citrin.ru>
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Mozilla-PublicSuffix/Changes
|
|
|
|
|
| |
PR: ports/170964
Submitted by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw> (maintainer)
|
|
|
|
|
| |
PR: ports/171024
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
|
|
|
|
|
|
| |
PR: ports/170794
Submitted by: Artis Caune <Artis.Caune@gmail.com>
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: eadler (mentor)
|
| |
|
|
|
|
| |
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
|
| |
|
|
|
|
| |
Maintainer timeout: 10 days
|
| |
|
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Resolver/CHANGES
Approved by: flo (mentor)
|
|
|
|
|
| |
files is unversioned, so it conflicts with the name of the rc.d script in
WRKDIR after SUB_FILES is applied.
|
|
|
|
|
|
|
|
|
|
| |
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
is already the default, so for those ports where we are doing:
@${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC}
to avoid the problem of conflicts with the rc.d script of the same
name it is not necessary to define WRKSRC separately.
Clean up this mistake of mine, and standardize for the others.
|
|
|
|
|
|
|
|
|
| |
validation in the DNS notify/transfer-chain.
WWW: http://www.nlnetlabs.nl/projects/credns/
PR: ports/169732
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
|
|
|
|
|
| |
PR: ports/170544
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
| |
Now uses .tar.xz suffix.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
1.23
https://lists.gnu.org/archive/html/info-gnu/2011-11/msg00014.html
1.24
https://lists.gnu.org/archive/html/info-gnu/2012-01/msg00008.html
1.25
https://lists.gnu.org/archive/html/info-gnu/2012-05/msg00010.html
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
PR: ports/170428
Approved by: eadler (mentor)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This port is based on dns/dnsmasq 2.62_1,1 and has been updated to 2.63rc2.
Description (by Simon Kelley, the upstream maintainer):
Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network. It
can serve the names of local machines which are not in the global DNS. The
DHCP server integrates with the DNS server and allows machines with
DHCP-allocated addresses to appear in the DNS with names configured either
in each host or in a central configuration file. Dnsmasq supports static and
dynamic DHCP leases and BOOTP/TFTP/PXE for network booting of diskless
machines.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
command=foo >/dev/null 2>&1
|
v
command=foo
command_args='>/dev/null 2>&1'
This is clearly what should have been done, for several reasons.
No PORTREVISION bump because the old version simply ignored everything
after the space, and does not seem to have done any harm. However
it's good to clean these up so that similar errors aren't pasted into
a new script where they might actually matter.
|
|
|
|
|
|
| |
Where necessary add $FreeBSD$ to the file
No PORTREVISION bump necessary because this is a no-op
|
|
|
|
|
|
|
|
|
| |
- Whitespace fixes in pkg-descr
- Remove SF from MASTER_SITES
- Fix CC definition (fixes CLANG builds)
PR: ports/170322
Submitted by: Takefu <takefu@airport.fm>
|
|
|
|
|
|
|
| |
I've also updated MASTER_SITES as the maintainer's site doesn't have version 1.0.
This can be changed back if/when the maintainer comes back.
Maintainer timeout after: 5 days
|
| |
|
|
|
|
|
| |
- Enforce the now clarified rules from the Porter's Handbook (e.g. no dots, no
A/An, etc.)
|
|
|
|
| |
Reminded by: bsam
|
|
|
|
| |
Thanks for the pointer: bryan@shatow.net
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
dns/powerdns
- Convert to new OptionsNG
- Add DNSSEC knob by popular demand. Disabling this will disable DNSSEC algorithms 13 and 14 and remove dependency on libcryptopp.
- Disabled botan support since it's broken with 1.8. When 1.10 becomes part of the ports tree it can be enabled again.
PR: ports/170196
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
|
|
|
|
|
| |
- Convert to new OptionsNG
- Add DNSSEC knob by popular demand. Disabling this will disable DNSSEC algorithms 13 and 14 and remove dependency on
libcryptopp.
- Also disabled botan support since it's broken with 1.8. When 1.10 becomes part of the ports tree it can be enabled again.
PR: ports/170195
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
|
|
|
|
|
|
|
|
| |
- Cleanup whitespace
- Document vulnerability in dns/nsd (CVE-2012-29789)
PR: ports/170208
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security: 17f369dc-d7e7-11e1-90a2-000c299b62e1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility
This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG
it can take the following arguments:
- yes (meaning build only dep)
- build (meaning build only dep)
- run (meaning run only dep)
- both (meaning run and build dep)
From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.
While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config
With Hat: portmgr
Exp-runs by: bapt (pointhat-west), beat (pointyhat)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
in BIND9
High numbers of queries with DNSSEC validation enabled can cause an
assertion failure in named, caused by using a "bad cache" data structure
before it has been initialized.
CVE: CVE-2012-3817
Posting date: 24 July, 2012
|
|
|
|
|
|
|
| |
PR: ports/170007
Reported by: Alexey Kouznetsov <alexey@kouznetsov.com>
Submitted by: crees
Approved by: sem (maintainer)
|
|
|
|
|
|
|
|
|
|
|
| |
BUG FIXES:
- Fix for VU#624931 CVE-2012-2978: NSD denial of service
vulnerability from non-standard DNS packet from any host
on the internet.
PR: ports/170001
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security: CVE-2012-2978
|
|
|
|
| |
I'll host the (contrived) distfile for now.
|
|
|
|
|
|
|
|
| |
- Update maintainer e-mail
PR: ports/169899
Submitted by: Hrant Dadivanyan <ran@styx.aic.net>
Approved by: maintainer
|
|
|
|
|
|
|
|
| |
constantly disabled.
PR: ports/169952
Spotted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: flo (mentor)
|