---
- branch: MAIN
  date: Tue May 19 10:23:04 UTC 2020
  files:
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/net/bind914/Makefile
    pathrev: pkgsrc/net/bind914/Makefile@1.21
    type: modified
  - new: '1.15'
    old: '1.14'
    path: pkgsrc/net/bind914/distinfo
    pathrev: pkgsrc/net/bind914/distinfo@1.15
    type: modified
  id: 20200519T102304Z.dfe97a39e26b150b537473de6cea7b6f29c59463
  log: "net/bind914: update to 9.14.12\n\nUpdate bind914 to 9.14.12 (BIND 9.14.12).\n\nNote
    from release announce:\n\nBIND 9.14.12 is the final planned release in the now
    End-of-Life (EOL)\n9.14 branch.\n\n\t--- 9.14.12 released ---\n\n5395.\t[security]\tFurther
    limit the number of queries that can be\n\t\t\ttriggered from a request.  Root
    and TLD servers\n\t\t\tare no longer exempt from max-recursion-queries.\n\t\t\tFetches
    for missing name server address records\n\t\t\tare limited to 4 for any domain.
    (CVE-2020-8616)\n\t\t\t[GL #1388]\n\n5390.\t[security]\tReplaying a TSIG BADTIME
    response as a request could\n\t\t\ttrigger an assertion failure. (CVE-2020-8617)\n\t\t\t[GL
    #1703]\n\n5376.\t[bug]\t\tFix ineffective DNS rebinding protection when BIND is\n\t\t\tconfigured
    as a forwarding DNS server. Thanks to Tobias\n\t\t\tKlein. [GL #1574]\n\n5358.\t[bug]\t\tInline
    master zones whose master files were touched\n\t\t\tbut otherwise unchanged and
    were subsequently reloaded\n\t\t\tmay have stopped re-signing. [GL !3135]\n\n5357.\t[bug]\t\tNewly
    added RRSIG records with expiry times before\n\t\t\tthe previous earliest expiry
    times might not be\n\t\t\tre-signed in time.  This was a side effect of 5315.\n\t\t\t[GL
    !3137]\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/net/bind914'
  unixtime: '1589883784'
  user: taca