| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
- Update maintainer address
Changes: http://search.cpan.org/dist/POE-Component-Resolver/CHANGES
Approved by: flo, culot (mentors)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from ISC. These patched versions contain a critical bugfix:
Processing of DNS resource records where the rdata field is zero length
may cause various issues for the servers handling them.
Processing of these records may lead to unexpected outcomes. Recursive
servers may crash or disclose some portion of memory to the client.
Secondary servers may crash on restart after transferring a zone
containing these records. Master servers may corrupt zone data if the
zone option "auto-dnssec" is set to "maintain". Other unexpected
problems that are not listed here may also be encountered.
All BIND users are strongly encouraged to upgrade.
|
| |
|
|
| |
- Reassign maintainership from ports@ to perl@
|
| | |
|
| | |
|
| |
|
|
| |
Approved by: maintainer (tobez@ via IM)
|
| | |
|
| |
|
|
|
|
| |
${SITE_PERL}/foo/bar/file.pm
http://wiki.freebsd.org/PortsLongtermTargets#Use_of_SITE_PERL_in_dependencies
|
| |
|
|
| |
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
| |
PR: 168394
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
* Use ECDSA by default
* Add a hack to build ldns with ECDSA support if it's not installed
Feature safe: Yes
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is mostly a bugfix release. Most notable new features are ECDSA
support (RFC 6605) and command-line options for ldns-verify-zone for
validating against given keys and for safety margins on signatures
inception and expiration times.
- The examples and drill programs will now built by default.
PR: ports/168296
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: itetcu (mentor)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the latest from ISC. These versions all contain the following:
Feature Change
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
[RT #28989]
Bug Fix
* The locking strategy around the handling of iterative queries
has been tuned to reduce unnecessary contention in a multi-
threaded environment.
Each version also contains other critical bug fixes.
All BIND users are encouraged to upgrade to these latest versions.
|
| | |
|
| |
|
|
|
|
|
|
| |
- set NO_LATEST_LINK
- while I'm here, add LICENSE (GPL2) and remove mention of it from pkg-descr
PR: 168192
Submitted by: Ralf van der Enden <tremere at cainites dot net> (maintainer)
|
| |
|
|
|
|
|
|
|
| |
- while I'm here, add LICENSE (GPL2) and remove mention of it from pkg-descr
changelog: http://doc.powerdns.com/changelog.html#changelog-auth-3-1
PR: 168198
Submitted by: Ralf van der Enden <tremere at cainites dot net> (maintainer)
|
| |
|
|
|
|
|
|
|
| |
- fix build fix clang
- mark MAKE_JOBS_SAFE
PR: 168014
Submitted by: Hirohisa Yamaguchi <umq at ueo.co dot jp>
Approved by: freebsd at dns-lab dot com (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Net::DNS::Zone::Parser should be considered a preprocessor that "normalizes"
a zonefile.
It will read a zonefile in a format conforming to the relevant RFCs with the
addition of BIND's GENERATE directive from disk and will write fully specified
resource records (RRs) to a filehandle. Whereby:
- All comments are stripped
- There is one RR per line
- Each RR is fully expanded i.e. all domain names are fully qualified
(canonicalised) and the CLASS and TTLs are specified.
- Some RRs may be 'stripped' from the source or otherwise processed. For details
see the 'read' method.
Note that this module does not have a notion of what constitutes a valid zone,
it only parses. For example, the parser will happilly parse RRs with ownernames
that are below in another zone because a NS RR elsewhere in the zone.
WWW: http://search.cpan.org/dist/Net-DNS-Zone-Parser/
PR: ports/167708
Submitted by: Jimmy Bergman <jimmy@sigint.se>
|
| |
|
|
|
|
|
|
| |
- Add option for PGSQL support [1]
- Switch to bsd.port.options
PR: ports/167841 [1]
Submitted by: Edmondas Girkantas <eg@fbsd.lt> (maintainer) [1]
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
should use to boost online privacy and security. It works
by encrypting all DNS traffic between the user and OpenDNS,
preventing any spying, spoofing or man-in-the-middle attacks.
WWW: https://www.opendns.com/technology/dnscrypt/
PR: ports/167833
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com>
|
| |
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Resolver/CHANGES
PR: ports/167929
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
| |
|
|
|
|
| |
PR: ports/167045
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
Obtained from: http://doc.powerdns.com/changelog.html#changelog-auth-3-1
|
| | |
|
| |
|
|
|
|
| |
PR: ports/167255
Submitted by: bapt
Approved by: maintainer timeout (14d)
|
| |
|
|
| |
Approved by: clsung via IRC
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Re-write interface discovery code on *BSD to use getifaddrs. This
is more portable, more straightforward, and allows us to find the
prefix length for IPv6 addresses.
Add ra-names, ra-stateless and slaac keywords for DHCPv6. Dnsmasq
can now synthesise AAAA records for dual-stack hosts which get IPv6
addresses via SLAAC. It is also now possible to use SLAAC and
stateless DHCPv6, and to tell clients to use SLAAC addresses as
well as DHCP ones. Thanks to Dave Taht for help with this.
Add --dhcp-duid to allow DUID-EN uids to be used.
Explicity send DHCPv6 replies to the correct port, instead of relying
on clients to send requests with the correct source address, since
at least one client in the wild gets this wrong. Thanks to Conrda
Kostecki for help tracking this down.
Send a preference value of 255 in DHCPv6 replies when --dhcp-authoritative
is in effect. This tells clients not to wait around for other DHCP
servers.
Better logging of DHCPv6 options.
Add --host-record. Thanks to Rob Zwissler for the suggestion.
Invoke the DHCP script with action "tftp" when a TFTP file transfer
completes. The size of the file, address to which it was sent and
complete pathname are supplied. Note that version 2.60 introduced
some script incompatibilties associated with DHCPv6, and this is a
further change. To be safe, scripts should ignore unknown actions,
and if not IPv6-aware, should exit if the environment variable
DNSMASQ_IAID is set. The use-case for this is to track netboot/install.
Suggestion from Shantanu Gadgil.
Update contrib/port-forward/dnsmasq-portforward to reflect the
above.
Set the environment variable DNSMASQ_LOG_DHCP when running the
script id --log-dhcp is in effect, so that script can taylor their
logging verbosity. Suggestion from Malte Forkel.
Arrange that addresses specified with --listen-address work even
if there is no interface carrying the address. This is chiefly
useful for IPv4 loopback addresses, where any address in 127.0.0.0/8
is a valid loopback address, but normally only 127.0.0.1 appears
on the lo interface. Thanks to Mathieu Trudel-Lapierre for the idea
and initial patch.
Fix crash, introduced in 2.60, when a DHCPINFORM is received from
a network which has no valid dhcp-range. Thanks to Stephane Glondu
for the bug report.
Add a new DHCP lease time keyword, "deprecated" for --dhcp-range.
This is only valid for IPv6, and sets the preffered lease time for
both DHCP and RA to zero. The effect is that clients can continue
to use the address for existing connections, but new connections
will use other addresses, if they exist. This makes hitless renumbering
at least possible.
Fix bug in address6_available() which caused DHCPv6 lease aquisition
to fail if more than one dhcp-range in use.
Provide RDNSS and DNSSL data in router advertisements, using the
settings provided for DHCP options option6:domain-search and
option6:dns-server.
Tweak logo/favicon.ico to add some transparency. Thanks to SamLT
for work on this.
Don't cache data from non-recursive nameservers, since it may
erroneously look like a valid CNAME to a non-exitant name. Thanks
to Ben Winslow for finding this.
Call SO_BINDTODEVICE on the DHCP socket(s) when doing DHCP on exactly
one interface and --bind-interfaces is set. This makes the OpenStack
use-case of one dnsmasq per virtual interface work. This is only
available on Linux; it's not supported on other platforms. Thanks
to Vishvananda Ishaya and the OpenStack team for the suggestion.
Updated French translation. Thanks to Gildas Le Nadan.
Give correct from-cache answers to explict CNAME queries. Thanks
to Rob Zwissler for spotting this.
Add --tftp-lowercase option. Thanks to Oliver Rath for the patch.
Ensure that the DBus DhcpLeaseUpdated events are generated when a
lease goes through INIT_REBOOT state, even if the dhcp-script is
not in use. thanks to Antoaneta-Ecaterina Ene for the patch.
Fix failure of TFTP over IPv4 on OpenBSD platform. Thanks to Brad
Smith for spotting this.
|
| | |
|
| |
|
|
|
| |
PR: 167299
Submitted by: Hirohisa Yamaguchi <umq at-symbol ueo.co.jp>
|
| |
|
|
|
| |
PR: ports/167241
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
|
| |
|
|
| |
PERL_LEVEL against 501400)
|
| |
|
|
|
|
|
|
|
|
|
| |
was noticed by ISC at:
https://lists.isc.org/pipermail/bind-users/2012-April/087345.html
and verified by me both by comparing the contents of the old and new
distfiles and by verifying the PGP signature on the new distfile.
No PORTREVISION bump because these files were not installed.
|
| |
|
|
|
|
| |
- Update MASTER_SITES
- Add LICENSE information
- Remove obsolete patches
|
| | |
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
| |
bug fixes.
For the port, switch to using the PORTDOCS macro.
Also, switch to the (identical) pkg-message in ../bind97 which was apparently missed
when the other ports were converted.
Feature safe: yes
|
| |
|
|
|
|
| |
For the port, switch to using the PORTDOCS macro.
Feature safe: yes
|
| |
|
|
|
|
| |
For the port, switch to using the PORTDOCS macro.
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mozilla::PublicSuffix provides a single function that returns the public suffix
of a domain name by referencing a parsed copy of Mozilla's Public Suffix List.
From the official website at http://publicsuffix.org:
A "public suffix" is one under which Internet users can directly register names.
Some examples of public suffixes are .com, .co.uk and pvt.k12.wy.us. The Public
Suffix List is a list of all known public suffixes.
A copy of the official list is bundled with the distribution. As the official
list continues to be updated, the bundled copy will inevitably fall out of date.
Therefore, if the bundled copy of found to be over thirty days old, this
distribution's installer provides the option to check for a new version of the
list and download/use it if one is found.
WWW: http://search.cpan.org/dist/Mozilla-PublicSuffix/
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
maintainer, wrote in message <4F70361B.7080306@thekelleys.org.uk>:
A bug has been found in dnsmasq 2.60 that can cause crashes. This is
configuration dependent: it either crashes frequently or not at all.
The configuration required is one which allows dnsmasq to receive
DHCPINFORM requests for which there is no valid dhcp-range. This is
rare.
Adding the patch he offers for download.
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
| |
- Pass maintainership to python@
Changes: http://twistedmatrix.com/trac/browser/tags/releases/twisted-12.0.0/twisted/names/topfiles/NEWS
PR: ports/165732
Submitted by: sunpoet (myself)
Approved by: Neal Nelson <neal@nicandneal.net> (maintainer)
Feature safe: yes
|
| |
|
|
|
|
|
| |
- Add LICENSE
- Add additional MASTER_SITE
Feature safe: yes
|
| |
|
|
|
|
| |
PR: 166125
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>(maintainer)
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
| |
- Add back cat pkg-message
- Add knot.full.conf to ETCDIR and pkg-plist
- Bump PORTREVISON
PR: ports/165798
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
Feature safe: yes
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
|
|
|
| |
- No PORTREVISION bump
PR: ports/165798
Submitted by: mexas@bristol.ac.uk
Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer, implicit)
Feature safe: yes
|
| |
|
|
|
|
|
|
|
| |
- No PORTREVISION bump
PR: ports/165787
Reported by: Anton Shterenlikht <mexas@bristol.ac.uk>
Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer, implicit)
Feature safe: yes
|
| |
|
|
|
|
|
| |
PR: ports/165798
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com>
Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer)
Feature safe: yes
|
| |
|
|
|
|
|
|
|
| |
Note: devel/p5-B-Size and devel/p5-Devel-Arena
where intentionally not restored.
PR: ports/165605
Approved by: portmgr (bapt)
Feature safe: yes (I sure hope so)
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
|
|
|
| |
- The LUA port option enables Lua support for DHCP lease-change scripts
- DHCPv6 support
- IPv6 Router Advertisement support
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Feature safe: yes
|
| |
|
|
|
|
|
|
|
| |
While I'm here, reduce the number of docs variables.
PR: ports/165930 [1]
Submitted by: Alexey Markov <redrat@mail.ru> [1]
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
devel/p5-Devel-Arena)
- Remove conditionals for PERL_LEVEL < 501200
- Remove regression-test targets b/c this will be centralized in Mk/bsd.perl.mk
- Other minor cleanups
RUN_DEPENDS = ${BUILD_DEPENDS} -> RUN_DEPENDS:= ${BUILD_DEPENDS}
PR: ports/165605
Submitted by: pgollucci (myself)
Approved by: portmgr (linimon)
Exp Run by: linimon
Tested by: make index
|
| |
|
|
|
|
| |
- Sort *_DEPENDS
Changes: http://search.cpan.org/dist/POE-Component-Server-DNS/Changes
|
| |
|
|
|
|
| |
Changes: http://search.cpan.org/dist/POE-Component-Resolver/CHANGES
PR: ports/165718
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
| |
|
|
| |
WWW: http://search.cpan.org/dist/POE-Component-Client-DNSBL/
|
| |
|
|
|
|
| |
- Sort *_DEPENDS
Changes: http://search.cpan.org/dist/POE-Component-Client-DNS-Recursive/Changes
|
| | |
|
| |
|
|
|
| |
- Add TEST_DEPENDS to enable testing
- Add patch to fix tests, submitted upstream
|
| |
|
|
| |
- Bump PORTREVISION due to new RUN_DEPENDS changing package
|
| |
|
|
| |
WWW: http://search.cpan.org/dist/POE-Component-Client-DNS-Recursive/
|
| |
|
|
| |
Requested by: roam (on ports-developers@)
|
| | |
|
| |
|
|
| |
- Add additional MASTER_SITES
|
| |
|
|
| |
Approved by: roam@
|
| |
|
|
| |
Approved by: roam@
|
| |
|
|
|
|
|
|
|
|
| |
from packages.
PR: ports/165352
Reported by: Marat Bakeev <hawara@hawara.com>
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
Approved by: gabor (mentor, implicit)
Feature safe: yes
|
| | |
|
| |
|
|
|
|
|
|
| |
- Builds now on 9.x, drop conditional
- while here use include of bpm and loop on portdocs
PR: ports/165388
Submitted by: maintainer, mc@hack.org
|
| | |
|
| |
|
|
| |
PR: ports/164833
|
| |
|
|
|
| |
PR: ports/165216
Submitted by: maintainer, jaap at NLnetLabs.nl
|
| |
|
|
|
| |
PR: ports/165185
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Lots of fixes for older Perl versions, and several other bug fixes
The parse and data methods are renamed to decode and encode respectively
New feature: IDN query support, requires Net::LibIDN
New modules: Mailbox.pm, Text.pm
For the port:
* Add TEST_DEPENDS (probably won't work on its own due to CONFIGURE_ARGS)
* Add an OPTION for IDN support, off by default
* Use the PORTDOCS macro
* Move the OPTIONS= to the more standard location
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Easyzone is a package to manage the common record types of a zone file,
including SOA records. This module sits on top of the dnspython package
and provides a higher level abstraction for common zone file manipulation
use cases.
WWW: http://www.psychofx.com/easyzone/
PR: ports/164961
Submitted by: Attila Nagy <bra at fsn.hu>
|
| | |
|
| | |
|
| |
|
|
| |
* Bugfix release
|
| | |
|
| |
|
|
|
|
| |
Changes: http://www.opendnssec.org/2012/01/23/opendnssec-1-3-5/
PR: ports/164628
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
| |
- Use INSTALL_MAN for the man files and respect NO_INSTALL_MANPAGESÂ knob
- Use INSTALL_DATA for PORTDOCS file
- Hide post-extract and post-patch procedure
- Bump PORTREVISION
PR: ports/163942 [1]
Submitted by: Garrett Cooper <yanegomi AT gmail.com> [1]
Approved by: maintainer via private mail
|
| |
|
|
|
| |
PR: 164224
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
stay as a -devel until it's formally released, which should be soon'ish.
BIND 9.9 includes a number of changes from BIND 9.8 and earlier releases,
including:
NXDOMAIN redirection
Improved startup and reconfiguration time, especially with large
numbers of authoritative zones
New "inline-signing" option, allows named to sign zones completely
transparently, including static zones
Many other new features, especially for DNSSEC
See the CHANGES file for more information on features.
https://kb.isc.org/article/AA-00592
|
| |
|
|
| |
Submitted by: dougb
|
| |
|
|
|
|
| |
* Fixed a little memory leak
* Couple other bugs fixed
- Run unbound-checkconf before start.
|
| | |
|
| | |
|
| |
|
|
| |
Requested by: des
|
| |
|
|
|
|
|
|
|
|
| |
ports use BUILD_DEPENDS:= ${RUN_DEPENDS}. This patch fixes ports that are
currently broken. This is a temporary measure until we organically stop using
:= or someone(s) spend a lot of time changing all the ports over.
Explicit duplication > := > = and this just moves ports one step to the left
Approved by: portmgr
|
| |
|
|
|
| |
PR: ports/164233
Submitted by: Takefu <takefu@airport.fm>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
and generally improve the script (most of which was unneeded).
While I'm here, fix some other problems with the port:
1. Remove a dead MASTER_SITE
2. Make the rc.d script honor PREFIX
3. Install a link for /usr/local/bin/dnscheck-dispatcher so that
the rc.d script has something to start
Bump PORTREVISION due to package changes
|
| |
|
|
|
|
|
|
|
|
|
| |
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
|
| |
|
|
|
|
|
|
|
| |
This update fixes a Denial of Service Vulnerability, which affects versions < 3.0.1 (CVE-2012-0206)
Changes:
http://doc.powerdns.com/changelog.html#changelog-auth-3-0-1
PR: 164019
|
| |
|
|
|
|
| |
PR: ports/163734 [1]
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> [1]
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer), gabor (mentor, implicit)
|
| |
|
|
|
|
|
|
|
| |
- Thanks to crees@ for generating the initial patch
PR: ports/163521
Submitted by: Pedro Giffuni <pfg apache.org>
Hat: portmgr
Exp run by: pav
|
| |
|
|
| |
Changes: http://search.cpan.org/dist/Net-DNS-ZoneFile-Fast/Changes
|
| | |
|
| |
|
|
| |
Reported by: dougb
|
| |
|
|
|
|
|
| |
- Do not force the user to run ddclient as a daemon
PR: ports/163271
Submitted by: Rob Farmer <rfarmer@predatorlabs.net> (maintainer)
|
| | |
|
| | |
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
| |
- Fix WWW links in pkg-descr
Changes: https://github.com/weppos/public_suffix_service/blob/master/CHANGELOG.md
|
| |
|
|
| |
Approved by: crees (mentor)
|
| |
|
|
|
|
|
| |
- Add LICENSE
PR: ports/163325
Submitted by: Takefu <takefu@airport.fm>
|
| |
|
|
| |
- Add TEST_DEPENDS to enable testing
|
| | |
|
| |
|
|
| |
* CVE-2011-4528 fixed
|
| |
|
|
|
| |
PR: 163080
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
| |
PR: 162986
Submitted by: Armin Pirkovitsch <armin@frozen-zone.org>
Feature safe: yes
|
| |
|
|
|
|
| |
Submitted by: me
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
| |
|
|
|
|
| |
PR: 162782
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
APIs (libraries) for application developers to make softwares
IDNA2008-compliant, and also provides tools for system administrators
to process IDNs appropriately according to IDNA2008 specification.
The idnkit-2 is a toolkit revised by JPRS from the idnkit-1.0
developed by JPNIC, and it is released as an open source
free software modified to comply with IDNA2008.
idnkit-2 consists from its main part written in C and additional
API packages for other languages (Java, Python, and Perl).
WWW: http://jprs.co.jp/idn/index-e.html
PR: ports/162521
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de>
Feature safe: yes
|
| |
|
|
|
| |
Reported by: pointyhat
Feature safe: yes
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
| |
Pointyhat: erwin --> crees
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
following DDOS bug:
Recursive name servers are failing with an assertion:
INSIST(! dns_rdataset_isassociated(sigrdataset))
At this time it is not thought that authoritative-only servers
are affected, but information about this bug is evolving rapidly.
Because it may be possible to trigger this bug even on networks
that do not allow untrusted users to access the recursive name
servers (perhaps via specially crafted e-mail messages, and/or
malicious web sites) it is recommended that ALL operators of
recursive name servers upgrade immediately.
For more information see:
https://www.isc.org/software/bind/advisories/cve-2011-tbd
which will be updated as more information becomes available.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
Feature safe: yes
|
| |
|
|
| |
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
APIs (libraries) for application developers to make softwares
IDNA2008-compliant, and also provides tools for system administrators
to process IDNs appropriately according to IDNA2008 specification.
The idnkit-2 is a toolkit revised by JPRS from the idnkit-1.0
developed by JPNIC, and it is released as an open source
free software modified to comply with IDNA2008.
idnkit-2 consists from its main part written in C and additional
API packages for other languages (Java, Python, and Perl).
WWW: http://jprs.co.jp/idn/index-e.html
PR: ports/162520
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de>
Feature safe: yes
|
| |
|
|
|
|
|
| |
- Bump PORTREVISION for package change
Reported by: pointyhat
Feature safe: yes
|
| |
|
|
|
| |
Approved by: novel (mentor)
Feature safe: yes
|
| |
|
|
|
|
|
|
| |
%%SITE_PERL%%/Net may be empty when this port is deinstalled,
so @dirrmtry it.
Poked by: pavmail
Feature safe: yes
|
| | |
|
| |
|
|
| |
Hat: portmgr
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Public Suffix Service is a Ruby domain name parser based on the Public Suffix
List.
The Public Suffix Service is a cross-vendor initiative to provide an accurate
list of domain name suffixes.
The Public Suffix Service is an initiative of the Mozilla Project, but is
maintained as a community resource. It is available for use in any software, but
was originally created to meet the needs of browser manufacturers.
A "public suffix" is one under which Internet users can directly register names.
Some examples of public suffixes are ".com", ".co.uk" and "pvt.k12.wy.us". The
Public Suffix List is a list of all known public suffixes.
WWW: http://www.simonecarletti.com/code/public_suffix_service/
WWW: https://github.com/weppos/public_suffix_service
WWW: https://rubygems.org/gems/public_suffix_service
|
| |
|
|
| |
freecode.com (for ports@ and ehaupt@).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
======
Suppress IO::Socket::INET(6)::peerhost usage with TCP. On some systems
it doesn't work after receiving data.
Prevent TCP accepts from blocking on unfinished 3-way handshakes.
Named nameserver should be reachable by IPv6 too.
Typo that prevented TCP traffic from being replied from the same
socket as it was received on.
Suppress warnings of the deprecated use of qw as parentheses in
perl 5.14.
Gracefully handle corrupted incoming packets in Net::DNS::Nameserver.
Make Net::DNS::Resolver load even if /etc/resolv.conf is unreadable.
Assembly of segmented TCP traffic.
Fix documentation to reflect code behaviour where on successful packet
creation, the error should be ignored.
A Net::DNS::Nameserver without a NotifyHandler now responds NOTIMP
to NOTIFY requests.
Documentation now reflects Net::DNS::Packet construction behaviour.
Replace TSIG key with the signature of the whole packet when signing
a packet, even when the TSIG key is not the first in the additional
section.
Various typo fixes.
Enhancements:
=============
Allow ReplyHandlers to indicate that no answer should be returned
by the Net::DNS::Nameserver.
Use a class method ReplyHandler for classes inheriting from
Net::DNS::Nameserver.
New improved version of the check_soa script in the contrib section.
Removed dependency on Net::IP
Perform presentation to wire format conversion more efficiently.
Manage serial numbers in SOA records in a modular and extensible way.
Three modules are provided. Strictly sequential, Date Encoded and
Time Encoded. A contribution from Dick Franks.
Provide a configurable IdleTimeout for Net::DNS::Namserver.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
PowerDNS with BIND backend
PR: ports/160308
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
audio/shoutcast Unfetchable; website rearranged
audio/linux-shoutcast Unfetchable; website rearranged
chinese/scim-chewing Does not configure
converters/py-cjkcodecs Integrated into every python version in the tree
databases/kpogre Does not compile
deskutils/mhc Does not fetch
deskutils/org-mode.el6 Does not fetch
deskutils/gemcal Does not fetch
devel/erlang-thrift Does not build
dns/domtools Does not fetch
editors/richtext Does not compile
games/vultures-claw Does not fetch
games/bomb Does not fetch
games/lgeneral-data Bad plist
games/linux-enemyterritory-jaymod Does not fetch
games/xphotohunter Does not fetch
graphics/gimpshop Fails to patch
graphics/lightspark-devel Does not compile
graphics/xmms-plazma Does not fetch
graphics/py-cgkit Does not fetch, does not compile on ia64, powerpc, or sparc64
japanese/rxvt Does not fetch, fails to build with new utmpx
japanese/epic4 Some distfiles do not fetch
java/jde Does not fetch
java/kaffe Does not fetch
korean/gdick HTMLs from the Yahoo! Korea Dictionary cannot be parsed, other runtime problems
korean/hanterm-xf86 Does not compile
korean/stardict2-dict-kr Does not fetch
lang/p5-JavaScript Does not fetch
lang/TenDRA Website disappeared; last release 2006, Does not compile on recent FreeBSD-9
mail/freepops Does not build
mail/itraxp Does not build
misc/tellico Leaves file behind on deinstall
net/gsambad Does not fetch
net/nocatauth-gateway Uses a UID registered to another port
net/nocatauth-server Uses a UID registered to another port
net/libosip2 Does not fetch
net/kmuddy Does not fetch
net/netboot Does not build
net-mgmt/jffnms Does not fetch
net-p2p/frostwire Does not fetch
net-p2p/azureus Does not fetch
news/cleanscore Does not fetch
news/nntpswitch Does not fetch
news/p5-NewsLib Does not fetch
russian/cyrproxy Does not fetch
science/gerris Does not fetch
security/opensaml Does not fetch
sysutils/wmbattery Does not fetch
sysutils/cpuburn No more public distfiles
textproc/tei-guidelines-p4 Does not fetch
textproc/tei-p4 Does not fetch
textproc/py-hyperestraier Does not fetch
textproc/tdtd.el Does not fetch
textproc/tei-lite Does not fetch
www/phpwiki13 Does not fetch
www/p5-Apache-Scoreboard Depends on mod_perl
www/p5-B-LexInfo Broken due the new mod_perl2 API
www/phpwiki Does not fetch
www/smb2www Apache13 is deprecated, migrate to 2.2.x+ now
www/spip Checksum is changing daily
www/monkey Does not fetch
x11-toolkits/jdic Does not fetch
x11-toolkits/py-kde Does not compile
|
| |
|
|
| |
Approved by: portmgr (miwi)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
had both lines:
Author: ...
WWW: ....
So standardize on that, and move them to the end of the file when necessary.
Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.
s/AUTHOR/Author/
A few other various formatting issues
|
| |
|
|
|
|
|
|
| |
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
|
| |
|
|
|
|
|
|
| |
my ports in the past 3 weeks while ports were broken on any 10.x
machines, which means I'm unable to maintain them. So let people know
that there's no available support for them until things are back to
normal (which also means that anyone with spare time will be able
to fix them without getting approval).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to new upstream regression fix release 2.59:
Fix regression in 2.58 which caused failure to start up
with some combinations of dnsmasq config and IPv6 kernel
network config. Thanks to Brielle Bruns for the bug
report.
Improve dnsmasq's behaviour when network interfaces are
still doing duplicate address detection (DAD). Previously,
dnsmasq would wait up to 20 seconds at start-up for the
DAD state to terminate. This is broken for bridge
interfaces on recent Linux kernels, which don't start DAD
until the bridge comes up, and so can take arbitrary
time. The new behaviour lets dnsmasq poll for an arbitrary
time whilst providing service on other interfaces. Thanks
to Stephen Hemminger for pointing out the problem.
Note the 2.59.tar.lzma tarball causes the startup banner to print
2.59rc1 which I deem harmless.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
no one has stepped up to deal with:
archivers/pecl-phar Vulnerable since 2011-01-13
comms/libsyncml Depends on devel/libsoup22, which is FORBIDDEN
databases/mysql323-server Vulnerable since 2006-10-29
databases/mysql323-client Vulnerable since 2006-10-29
databases/mysql323-scripts Vulnerable since 2006-10-29
databases/mysql40-server Vulnerable since 2006-10-29
databases/mysql40-client Vulnerable since 2006-10-29
databases/mysql40-scripts Vulnerable since 2006-10-29
databases/p5-DBD-mysql40
Depends on databases/mysql40-server, which is FORBIDDEN
deskutils/buoh Depends on devel/libsoup22, which is FORBIDDEN
deskutils/libopensync-plugin-syncml
Depends on comms/libsyncml, which is DEPRECATED
devel/libsoup22 Vulnerable since 2011-07-28
dns/bind9-sdb-ldap Vulnerable since 2011-06-04
dns/bind9-sdb-postgresql Vulnerable since 2011-06-04
ftp/wgetpro Vulnerable since 2004-12-14
games/quake2forge Vulnerable since 2005-01-21
graphics/linux-tiff Vulnerable since 2004-10-13
japanese/mutt Vulnerable since 2007-07-29
japanese/asterisk14-sounds Depends on net/asterisk14, which is FORBIDDEN
net/asterisk14 Vulnerable since 2011-06-25
net/isc-dhcp31-client Vulnerable since 2011-04-10
net/isc-dhcp31-server Vulnerable since 2011-04-10
net/isc-dhcp31-relay Vulnerable since 2011-04-10
net/asterisk-app-ldap Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-app-notify Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-oh323
Depends on net/asterisk14, which is FORBIDDEN, does not compile on sparc64
net/asterisk14-addons Depends on net/asterisk14, which is FORBIDDEN
net/astfax Depends on net/asterisk14, which is FORBIDDEN
net-mgmt/nagios2 Vulnerable since 2009-06-30
www/gforge Vulnerable since 2005-08-09
www/linux-flashplugin7 Vulnerable since at least 2008-05-30
www/opera-devel Vulnerable since 2010-06-25, does not fetch
www/plone3 Vulnerable and unsupported upstream
www/serendipity-devel Vulnerable since 2008-04-25
www/ziproxy Vulnerable since 2010-06-15
www/asterisk-gui Depends on net/asterisk14, which is FORBIDDEN
x11-toolkits/linux-pango Vulnerable since 2009-05-13
|
| |
|
|
|
|
|
| |
radns.c:164: error: redefinition of 'struct nd_opt_rdnss'
radns.c:177: error: redefinition of 'struct nd_opt_dnssl'
Reported by: pointyhat
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
- Pet portlint(1)
PR: ports/161336
Submitted by: Simon Olofsson <simon@olofsson.de>
|
| |
|
|
|
|
|
| |
- Fix up whitespace
PR: ports/161133
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This version of nsd is end of life since 2007 and unsupported.
See the details at http://nlnetlabs.nl/projects/nsd/nsd-v2.html.
The current version also contains a vulnerability. It is much
more sensible to move to a supported version (as available in
the port dns/nsd).
PR: ports/161122
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DEPRECATED without EXPIRATION_DATE, and the ports that depend
on them.
audio/mt-daapd
Use audio/firefly instead
databases/p5-DBIx-Class-Validation
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
devel/p5-Class-Data-Accessor
Please consider using p5-Class-Accessor-Grouped or p5-Moose
graphics/libflash
gplflash is no longer supported. Please use gnash instead
graphics/flashplayer
Depends on DEPRECATED graphics/libflash
japanese/p5-FormValidator-Simple-Plugin-Number-Phone-JP
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
net/p5-OAuth-Lite
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
net-mgmt/py-snmp
use net-mgmt/py-snmp4 instead
net-mgmt/py-twistedSNMP
Relies on net-mgmt/py-snmp, which is DEPRECATED
net-p2p/gift
unmaintained upstream for several years
net-p2p/giftcurs
unmaintained upstream for several years
net-p2p/giftoxic
unmaintained upstream for several years
net-p2p/giftui
unmaintained upstream for several years
net-p2p/apollon
Depends on net-p2p/gift, which is DEPRECATED
textproc/p5-FormValidator-Simple
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/flashplugin-mozilla
gplflash is no longer supported. Please use graphics/gnash, \
www/p5-HTML-Widget
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Plugin-AutoRestart
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Example-InstantCRUD
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-Catalyst-Plugin-FormValidator-Simple
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-Catalyst-Plugin-HTML-Widget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/asterisk-fop
Depends on www/flashplugin-mozilla which is DEPRECATED
www/p5-Handel
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-DBIx-Class-HTMLWidget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-HTML-Widget-DBIC
Disappear from CPAN
x11-wm/fvwm24
No longer supported by fvwm.org
|
| |
|
|
|
|
|
|
|
|
|
|
| |
radns is an IPv6 DNS server address autoconfiguration client. It
listens for IPv6 Router Advertisements with the Recursive DNS Server
(RDNSS) and the DNS Search List (DNSSL) options and stores the search
list and address(es) in a file in the same syntax as resolv.conf(5).
WWW: http://hack.org/mc/hacks/radns/
PR: ports/159626
Submitted by: Michael Cardell Widerkrantz <mc@hack.org>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
2 weeks according to portaudit (ranging from 23 days to 7 years).
The maintainers were notified by mail that this action would be taken
on 2011-09-03. (Ports for which maintainers responded have been/will be
dealt with separately.)
Also mark DEPRECATED ports that rely on the FORBIDDEN ports, and a few
ports that rely on those DEPRECATED ports.
|
| | |
|
| |
|
|
|
|
| |
http://lists.freebsd.org/pipermail/cvs-all/2011-July/341217.html
Approved by: maintainer timeout (2 months)
|
| |
|
|
|
|
|
|
|
| |
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead
PR: 157936
Submitted by: myself
Exp-runs by: pav
Approved by: pav
|
| |
|
|
|
| |
PR: ports/160828
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
| |
Pointy hat to: vsevolod
|
| |
|
|
| |
With hat: perl
|
| | |
|
| |
|
|
|
| |
PR: ports/159920
Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu> (maintainer)
|
| |
|
|
|
| |
PR: 160677
Submitted by: sthalik@tehran.lain.pl
|
| |
|
|
|
|
|
|
|
| |
postgresql.
WWW: https://www.isc.org/software/bind/
PR: ports/157752
Submitted by: Josh Carroll <josh.carroll@gmail.com>
|
| |
|
|
|
|
|
|
| |
- Update files/pkg-message.in [1]
PR: ports/160441
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Approved by: maintainer ([1] via mail)
|
| |
|
|
| |
Changes: http://search.cpan.org/dist/Net-Domain-TLD/Changes
|
| |
|
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
With perl@ hat
|
| |
|
|
| |
Thank you for volunteering.
|
| |
|
|
|
|
|
|
| |
- Update MASTER_SITES
- Add LICENSE
Reviewed by: lwhsu@
Approved by: jadawin@ (mentor)
|
| |
|
|
|
| |
PR: ports/160344
Submitted by: Viktor Gal <wiking@maeth.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2011-09-01 deskutils/xopps: No more public distfiles
2011-09-01 devel/adocman: No more public distfiles
2011-09-01 devel/bisongen: No more public distfiles
2011-09-01 devel/crow: BROKEN for more than 6 month
2011-09-01 devel/p5-Config-INI-MVP: Disappear from CPAN
2011-09-01 devel/p5-Date-Set: Disappear from CPAN
2011-09-01 devel/p5-File-FTS: No more public distfiles
2011-09-01 devel/p5-PerlMenu: No more public distfiles
2011-09-01 devel/p5-Proc-PIDFile: No more public distfiles
2011-09-01 devel/p5-UNIVERSAL-exports: Disappear from CPAN
2011-09-01 devel/ruby-rbtree: No Master Site
2011-09-01 dns/host: No more public distfiles
2011-09-01 emulators/linux-padjoy: No more public distfiles
2011-09-01 emulators/mame-extras: No more public distfiles
2011-09-01 emulators/snespp: BROKEN for more than 6 month
2011-09-01 emulators/xgs: No more public distfiles
2011-09-01 ftp/gproftpd: No more public distfiles
2011-09-01 ftp/muddleftpd: No more public distfiles
|
| |
|
|
|
|
|
|
| |
https://deepthought.isc.org/article/AA-00446/81/
or
/usr/local/share/doc/bind98/CHANGES
Remove the patch incorporated upstream, and add new include to plist.
|
| | |
|
| |
|
|
|
|
| |
Changes: http://thekelleys.org.uk/dnsmasq/CHANGELOG
Suggested by: Loic Pefferkorn.
|
| |
|
|
| |
Approved by: bapt (mentor)
|
| |
|
|
| |
Approved by: bapt (mentor)
|
| |
|
|
|
|
|
|
|
| |
- Pass maintainership to submitter (thank you for volunteering)
- Add LICENSE
- Unbreak -- fix dependencies
PR: ports/158948
Submitted by: Jason Helfman <jhelfman@experts-exchange.com>
|
| |
|
|
|
| |
PR: ports/159741
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
| |
|
|
|
|
|
| |
mid 2008.
PR: ports/159624
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
|
| |
|
|
|
|
|
| |
- Fixes compilation on systems that don't have math/gmp installed
PR: ports/159617
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
| |
|
|
|
| |
PR: ports/159349
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
|
| |
|
|
|
|
|
|
|
| |
- Make use of CPAN:USER macro
- Correct LICENSE (ART10 instead of ART20)
- Pet portlint(1) by reordering LICENSE section
PR: ports/159314
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
| |
|
|
| |
With hat: ruby@
|
| |
|
|
|
| |
PR: ports/159394
Submitted by: ports@eitanadler.com
|
| |
|
|
|
|
| |
- Add LICENSE (Artistic 1 & GPLv1)
Changes: http://search.cpan.org/dist/Net-DNS-Lite/Changes
|
| | |
|
| | |
|
| |
|
|
| |
ftp://ftp.isc.org/isc/bind9/9.7.4/RELEASE-NOTES-BIND-9.7.4.html
|
| | |
|
| |
|
|
|
|
| |
and improvements:
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
|
| | |
|
| |
|
|
|
|
|
|
| |
Add LICENSE
PR: ports/159199
Submitted by: Rob Farmer <rfarmer@predatorlabs.net> (maintainer) [1]
Approved by: tabthorpe (mentor)
|
| |
|
|
| |
2011-07-25 dns/dhid: Unmaintained, distfile has changed with no explanation
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
remove support for them from bsd.java.mk. As Jikes is not available in Java 1.5
or higher, remove it from bsd.java.mk too (suggested by hq@) and from the ports
which used it (only occurences were USE_JIKES=no). Support for the Blackdown VM
is also removed, as it is not available in Java 1.5 and higher.
Also remove the mapping from Java 1.1-1.4 to Java 1.5+ in bsd.java.mk to detect
old, broken ports; therefore bump the minimal value of JAVA_VERSION to 1.5.
While here, replace static values of JAVA_VERSION in files/*.in by
%%JAVA_VERSION%% .
PR: ports/158969
Submitted by: rene
Tested on: pointyhat-west -exp
|
| |
|
|
|
|
|
|
| |
- Stop clobbering config files on deinstall
PR: ports/157854
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com>
Approved by: rene (mentor, implicit), maintainer timeout (14 days)
|
| |
|
|
|
|
|
| |
Problem pointed out in the PR
PR: conf/155006
Submitted by: Helmut Schneider <jumper99@gmx.de>
|
| | |
|
| |
|
|
| |
Approved by: wxs@ (mentor)
|
| |
|
|
|
|
| |
PR: ports/158865
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by: bapt (mentor)
|
| |
|
|
|
| |
- Disable GOST by default
- Depend on dns/ldns
|
| |
|
|
|
|
| |
PR: ports/158785
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
Approved by: bapt (mentor, implicit)
|
| |
|
|
|
| |
PR: ports/156029
Approved by: rene (mentor, implicit), maintainer (linimon, in PR close message)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Add SPF support
- Added rotation of name servers - SF Patch ID: 2795929.
- Address sourceforge patch requests 2981978, 2795932 to add revlookupall
and raise DNSError instead of IndexError on server fail.
- Use blocking IO with timeout for TCP replies.
- Don't try to close socket when never opened.
- Clarify CNRI (academic-style) license.
PR: ports/156029
Submited by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
|
| |
|
|
|
|
| |
PR: ports/157597
Submitted by: crees (me)
Reviewed by: rene (mentor, implicit), maintainer timeout (sem, 34 days)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ALL BIND USERS ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerabilities:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
https://www.isc.org/software/bind/advisories/cve-2011-2464
CVE-2011-2465
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected versions of BIND could cause the "named" process
to exit when queried, if the server has recursion enabled and was
configured with an RPZ zone containing certain types of records.
Specifically, these are any DNAME record and certain kinds of CNAME
records.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2465
https://www.isc.org/software/bind/advisories/cve-2011-2465
Additional changes in this version:
* If named is configured to be both authoritative and resursive and
receives a recursive query for a CNAME in a zone that it is
authoritative for, if that CNAME also points to a zone the server
is authoritative for, the recursive part of name will not follow
the CNAME change and the response will not be a complete CNAME
chain. [RT #24455]
Thus the patch for this bug has been removed from the port
* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
query type independant. [RT #24715] [CVE-2011-1907]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerability:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
https://www.isc.org/software/bind/advisories/cve-2011-2464
|
| |
|
|
|
| |
PR: ports/157601
Approved by: rene (mentor, implicit)
|
| |
|
|
|
|
| |
PR: ports/157587
Submitted by: Chris Rees <utisoft@gmail.com>
Approved by: rene (mentor)
|
| | |
|
| |
|
|
|
| |
Add missing #include <string.h> in dns.c (adds files/patch-dns.c)
Fix obvious format string error in html.c (adds files/patch-html.c)
|
| |
|
|
|
|
| |
PR: ports/157578
Submitted by: Chris Rees (utisoft@gmail.com)
Approved by: tabthorpe (co-mentor)
|
| |
|
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-Amazon-Route53/Changes
PR: ports/158288
Submitted by: Jin-Sih Lin <linpct@gmail.com>
Approved by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw> (maintainer)
|
| |
|
|
|
|
|
|
|
| |
directly
Expires in one month
PR: ports/157603
Approved by: rene (mentor)
|
| |
|
|
| |
- Save redirects s/http/https/ for github
|
| |
|
|
|
| |
PR: ports/158180
Submitted by: Niclas Zeising <niclas.zeising@gmail.com>
|
| |
|
|
|
|
|
|
| |
- Add LICENSE.
PR: ports/157675
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
Approved by: maintainer timeout
|
| |
|
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
- Remove MD5 checksum
- Utilize CPAN macro
|
| |
|
|
|
|
| |
See http://wiki.freebsd.org/Perl for details.
- Change maintainership from ports@ to perl@ for ports in this changeset.
- Remove MD5 checksum
|
| |
|
|
|
|
|
|
|
| |
OO interface and an extensible API
WWW: http://rubygems.org/gems/net-dns
PR: ports/158012
Submitted by: rpsfa at rit.edu
|
| | |
|
| | |
|
| |
|
|
|
|
| |
While I am here, use GOOGLE_CODE instead of ${MASTER_SITE_GOOGLE_CODE}
Approved by: bapt (mentor)
|
| |
|
|
|
|
| |
- Add build depend to silence build warning
Changes: http://search.cpan.org/dist/Net-Domain-ExpireDate/Changes
|
| |
|
|
|
|
|
|
|
| |
implementation of applications for domain name checking.
WWW: http://search.cpan.org/dist/Net-DNS-Check/
PR: ports/157445
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
|
| |
|
|
|
| |
PR: ports/157478
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| | |
|
| |
|
|
| |
Submitted by: Craig Leres <leres@ee.lbl.gov>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
Add a patch from ISC that will be in 9.8.1 to handle intermittent
failure of recursive queries involving CNAMEs and previously cached
responses.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
|
| |
|
|
| |
* CVE-2011-1922 VU#531342 fixed
|
| | |
|
| |
|
|
| |
gracefully provided by danfe.
|
| |
|
|
|
|
|
|
|
| |
blacklist for quick and non browser plugin based ad blocking.
WWW: http://opensource.conformal.com/wiki/Adsuck
PR: ports/156644
Submitted by: Philippe Pepiot <phil@philpep.org>
|
| |
|
|
|
|
|
|
|
| |
Certain response policy zone configurations could trigger an INSIST
when receiving a query of type RRSIG.
https://www.isc.org/CVE-2011-1907
This vulnerability is only possible if you have enable the new RPZ feature.
|
| | |
|
| |
|
|
|
|
|
| |
- Add LICENSE
PR: ports/156804
Submitted by: Jase Thew <freebsd@beardz.net> (maintainer)
|
| |
|
|
| |
- Bump PORTREVISION
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The Net::Amazon::Route53 Perl module allows you to manage DNS
records for your domains via Amazon's Route 53 service.
For more information, visit http://aws.amazon.com/route53/
WWW: http://search.cpan.org/dist/Net-Amazon-Route53/
PR: ports/156611, ports/156661
Submitted by: Jui-Nan Lin <jnlin@csie.nctu.edu.tw>
|
| | |
|
| |
|
|
|
| |
PR: 156419
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
|
| |
|
|
|
|
|
| |
- Improve ident for syslog messages to only show "maradns:" instead of "/usr/local/sbin/maradns:"
- Bump PORTREVISION
Submitted by: n j <nino80@gmail.com>
|
| |
|
|
|
|
| |
PR: 156069
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Approved by: maintainer
|
| |
|
|
|
|
|
| |
discovery. This method of service discovery is branded as Bonjour by
Apple Computer.
WWW: http://search.cpan.org/dist/Net-Bonjour/
|
