--- - branch: pkgsrc-2023Q4 date: Tue Feb 13 16:45:51 UTC 2024 files: - new: 1.24.2.1 old: '1.24' path: pkgsrc/net/bind918/Makefile pathrev: pkgsrc/net/bind918/Makefile@1.24.2.1 type: modified - new: 1.1.10.1 old: '1.1' path: pkgsrc/net/bind918/buildlink3.mk pathrev: pkgsrc/net/bind918/buildlink3.mk@1.1.10.1 type: modified - new: 1.13.2.1 old: '1.13' path: pkgsrc/net/bind918/distinfo pathrev: pkgsrc/net/bind918/distinfo@1.13.2.1 type: modified - new: 1.1.10.1 old: '1.1' path: pkgsrc/net/bind918/patches/patch-lib_dns_rbtdb.c pathrev: pkgsrc/net/bind918/patches/patch-lib_dns_rbtdb.c@1.1.10.1 type: modified - new: 1.1.10.1 old: '1.1' path: pkgsrc/net/bind918/patches/patch-lib_isc_netmgr_netmgr.c pathrev: pkgsrc/net/bind918/patches/patch-lib_isc_netmgr_netmgr.c@1.1.10.1 type: modified id: 20240213T164551Z.4081f2ea5bee1dfceef6b328319272fa710bb30a log: "Pullup ticket #6835 - requested by taca\nnet/bind918: security fix\n\nRevisions pulled up:\n- net/bind918/Makefile 1.25-1.27\n- net/bind918/buildlink3.mk 1.2\n- net/bind918/distinfo \ 1.14-1.15\n- net/bind918/patches/patch-lib_dns_rbtdb.c \ 1.2\n- net/bind918/patches/patch-lib_isc_netmgr_netmgr.c \ 1.2\n\n---\n Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tFri Jan 5 01:52:20 UTC 2024\n\n Modified Files:\n \tpkgsrc/net/bind918: Makefile distinfo\n\n Log Message:\n net/bind918: update to 9.18.21\n\n 9.18.21 (2023-12-20)\n\n \ 6297.\t[bug]\t\tImprove LRU cleaning behaviour. [GL #4448]\n\n 6296.\t[func]\t\tThe \"resolver-nonbackoff-tries\" and\n \t\t\t\"resolver-retry-interval\" options are deprecated;\n \t\t\ta warning will be logged if they are used. [GL #4405]\n\n \ 6294.\t[bug]\t\tBIND might sometimes crash after startup or\n \t\t\tre-configuration when one 'tls' entry is used multiple\n \t\t\ttimes to connect to remote servers due to initialisation\n \t\t\tattempts from contexts of multiple threads. That has\n \t\t\tbeen fixed. [GL #4464]\n\n 6290.\t[bug]\t\tDig +yaml will now report \"no servers could be reached\"\n \t\t\talso for UDP setup failure when no other servers or\n \t\t\ttries are left. [GL #1229]\n\n 6287.\t[bug]\t\tRecognize escapes when reading the public key from file.\n \t\t\t[GL !8502]\n\n 6286.\t[bug]\t\tDig +yaml will now report \"no servers could be reached\"\n \t\t\ton TCP connection failure as well as for UDP timeouts.\n \t\t\t[GL #4396]\n\n 6282.\t[func]\t\tDeprecate AES-based DNS cookies. [GL #4421]\n\n---\n Module Name:\tpkgsrc\n Committed By:\tadam\n Date:\t\tTue Jan 30 18:29:21 UTC 2024\n\n Modified Files:\n \tpkgsrc/audio/libilbc: Makefile\n \tpkgsrc/audio/termusic: Makefile\n \tpkgsrc/biology/plinkseq: Makefile\n \tpkgsrc/chat/ekg: Makefile\n \tpkgsrc/chat/libgadu: Makefile buildlink3.mk\n \ \tpkgsrc/databases/postgresql-postgis2: Makefile\n \tpkgsrc/devel/abseil: buildlink3.mk\n \tpkgsrc/devel/compizconfig-backend-gconf: Makefile buildlink3.mk\n \ \tpkgsrc/devel/cre2: Makefile\n \tpkgsrc/devel/libcompizconfig: Makefile buildlink3.mk\n \tpkgsrc/devel/protobuf: Makefile buildlink3.mk\n \tpkgsrc/devel/protobuf-c: Makefile buildlink3.mk\n \tpkgsrc/devel/py-compizconfig: Makefile buildlink3.mk\n \ \tpkgsrc/devel/re2: Makefile buildlink3.mk\n \tpkgsrc/graphics/opencv: Makefile buildlink3.mk\n \tpkgsrc/graphics/opencv-contrib-face: Makefile buildlink3.mk\n \ \tpkgsrc/graphics/py-Willow: Makefile\n \tpkgsrc/inputmethod/fcitx5-mozc: Makefile\n \tpkgsrc/misc/libreoffice: Makefile\n \tpkgsrc/net/bind916: Makefile\n \ \tpkgsrc/net/bind918: Makefile\n \tpkgsrc/net/dnsdist: Makefile\n \tpkgsrc/net/frr: Makefile\n \tpkgsrc/net/grpc: Makefile buildlink3.mk\n \tpkgsrc/net/mosh: Makefile\n \tpkgsrc/net/py-grpcio: Makefile\n \tpkgsrc/net/py-grpcio-tools: Makefile\n \tpkgsrc/net/qt6-qtgrpc: Makefile buildlink3.mk\n \tpkgsrc/net/ratman: Makefile\n \tpkgsrc/net/unbound: Makefile\n \tpkgsrc/sysutils/collectd-grpc: Makefile\n \tpkgsrc/sysutils/collectd-pinba: Makefile\n \tpkgsrc/sysutils/collectd-riemann: Makefile\n \tpkgsrc/sysutils/collectd-write_prometheus: Makefile\n \tpkgsrc/sysutils/riemann-client: Makefile\n \tpkgsrc/wm/ccsm: Makefile\n\n Log Message:\n revbump for devel/abseil\n\n---\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tFri Jan 5 01:53:35 UTC 2024\n\n Modified Files:\n \tpkgsrc/net/bind918: buildlink3.mk\n\n Log Message:\n net/bind918: fix BUILDLINK_ABI_DEPENDS\n\n We have 9.8.21 but not yet 9.18.30nb1.\n\n---\n Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tTue Feb 13 13:50:39 UTC 2024\n\n Modified Files:\n \tpkgsrc/net/bind918: Makefile distinfo\n \tpkgsrc/net/bind918/patches: patch-lib_dns_rbtdb.c\n \t patch-lib_isc_netmgr_netmgr.c\n\n \ Log Message:\n net/bind918: update to 9.18.24\n\n 9.18.24 (2024-02-13)\n\n \ \t--- 9.18.24 released ---\n\n 6343.\t[bug]\t\tFix case insensitive setting for isc_ht hashtable.\n \t\t\t[GL #4568]\n\n \t--- 9.18.23 released ---\n\n \ 6322.\t[security]\tSpecific DNS answers could cause a denial-of-service\n \t\t\tcondition due to DNS validation taking a long time.\n \t\t\t(CVE-2023-50387) [GL #4424]\n\n \ 6321.\t[security]\tChange 6315 inadvertently introduced regressions that\n \ \t\t\tcould cause named to crash. [GL #4234]\n\n 6320.\t[bug]\t\tUnder some circumstances, the DoT code in client\n \t\t\tmode could process more than one message at a time when\n \t\t\tthat was not expected. That has been fixed. [GL #4487]\n\n \t--- 9.18.22 released ---\n\n 6319.\t[func]\t\tLimit isc_task_send() overhead for RBTDB tree pruning.\n \t\t\t[GL #4383]\n\n 6317.\t[security]\tRestore DNS64 state when handling a serve-stale timeout.\n \t\t\t(CVE-2023-5679) [GL #4334]\n\n 6316.\t[security]\tSpecific queries could trigger an assertion check with\n \t\t\tnxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]\n\n 6315.\t[security]\tSpeed up parsing of DNS messages with many different\n \t\t\tnames. (CVE-2023-4408) [GL #4234]\n\n 6314.\t[bug]\t\tAddress race conditions in dns_tsigkey_find().\n \ \t\t\t[GL #4182]\n\n 6312.\t[bug]\t\tConversion from NSEC3 signed to NSEC signed could\n \t\t\ttemporarily put the zone into a state where it was\n \t\t\ttreated as unsigned until the NSEC chain was built.\n \t\t\tAdditionally conversion from one set of NSEC3 parameters\n \t\t\tto another could also temporarily put the zone into a\n \t\t\tstate where it was treated as unsigned until the new\n \ \t\t\tNSEC3 chain was built. [GL #1794] [GL #4495]\n\n 6310.\t[bug]\t\tMemory leak in zone.c:sign_zone. When named signed a\n \t\t\tzone it could leak dst_keys due to a misplaced\n \t\t\t'continue'. [GL #4488]\n\n 6306.\t[func]\t\tLog more details about the cause of \"not exact\" errors.\n \t\t\t[GL #4500]\n\n \ 6304.\t[bug]\t\tThe wrong time was being used to determine what RRSIGs\n \t\t\twhere to be generated when dnssec-policy was in use.\n \t\t\t[GL #4494]\n\n 6302.\t[func]\t\tThe \"trust-anchor-telemetry\" statement is no longer\n \t\t\tmarked as experimental. This silences a relevant log\n \t\t\tmessage that was emitted even when the feature was\n \t\t\texplicitly disabled. [GL #4497]\n\n 6300.\t[bug]\t\tFix statistics export to use full 64 bit signed numbers\n \t\t\tinstead of truncating values to unsigned 32 bits.\n \t\t\t[GL #4467]\n\n 6299.\t[port]\t\tNetBSD has added 'hmac' to libc which collides with our\n \t\t\tuse of 'hmac'. [GL #4478]\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2023Q4] pkgsrc/net/bind918' unixtime: '1707842751' user: bsiegert