Pullup ticket #4901 - requested by taca
net/bind910: security fix

Revisions pulled up:
- net/bind910/Makefile                                          1.15
- net/bind910/distinfo                                          1.14

---
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Wed Jan 20 02:15:58 UTC 2016

  Modified Files:
          pkgsrc/net/bind910: Makefile distinfo

  Log Message:
  Update bind910 to 9.10.3pl3 (BIND 9.10.3-P3).

  Security Fixes

        * Specific APL data could trigger an INSIST. This flaw was discovered
          by Brian Mitchell and is disclosed in CVE-2015-8704. [RT #41396]
        * Certain errors that could be encountered when printing out or
          logging an OPT record containing a CLIENT-SUBNET option could be
          mishandled, resulting in an assertion failure. This flaw was
          discovered by Brian Mitchell and is disclosed in CVE-2015-8705. [RT
          #41397]
        * Named is potentially vulnerable to the OpenSSL vulnerabilty
          described in CVE-2015-3193.
        * Insufficient testing when parsing a message allowed records with an
          incorrect class to be be accepted, triggering a REQUIRE failure
          when those records were subsequently cached. This flaw is disclosed
          in CVE-2015-8000. [RT #40987]
        * Incorrect reference counting could result in an INSIST failure if a
          socket error occurred while performing a lookup. This flaw is
          disclosed in CVE-2015-8461. [RT#40945]

  New Features

        * None.

  Feature Changes

        * Updated the compiled in addresses for H.ROOT-SERVERS.NET.

  Bug Fixes

        * Authoritative servers that were marked as bogus (e.g. blackholed in
          configuration or with invalid addresses) were being queried anyway.
          [RT #41321]

(bsiegert)