aboutsummaryrefslogtreecommitdiffstats
path: root/main/bind/APKBUILD
Commit message (Collapse)AuthorAgeFilesLines
* main/bind: make sure all patches are appliedNatanael Copa2019-05-031-8/+5
| | | | This fixes builds on non-x86
* main/bind: security upgrade to 9.11.6_p1 (CVE-2018-5743,CVE-2019-6467)Natanael Copa2019-05-031-6/+41
| | | | | | | | | | | | | | | | | This release introduced 3 new tools with python dependency (dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python as dependency for stable upgraders. There are other tools in bind-tools that belongs to bind-dnssec-tools, but we dont move those in a stable branch to avoid breaking things for current users. Include patch to fix build on non-x86: https://gitlab.isc.org/isc-projects/bind9/commit/d72f436b7d7c697b262968c48c2d7643069ab17f https://lists.isc.org/pipermail/bind-users/2019-April/101673.html fixes #10371
* main/bind: security upgrade to 9.11.5_p4tcely2019-04-121-3/+8
| | | | | | | | | | | | | | | | | | https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html - CVE-2019-6465 - CVE-2018-5745 - CVE-2018-5744 - CVE-2018-5740 - CVE-2018-5738 Fixes #10169 With the release of BIND 9.11.0, ISC changed to the open source license for BIND from the ISC license to the Mozilla Public License (MPL 2.0). BIND 9.11 (Extended Support Version) will be supported until at least December, 2021.
* main/bind: security upgrade to 9.11.5 (CVE-2018-5741)Natanael Copa2018-11-291-2/+4
| | | | fixes #9465
* main/bind: security upgrade to 9.11.4_p1 (CVE-2018-5740)Natanael Copa2018-09-101-2/+4
| | | | fixes #9360
* main/bind: security upgrade to 9.11.3Jakub Jirutka2018-05-241-2/+8
|
* main/bind: security upgrade to 9.11.2-P1 (CVE-2017-3145)Leonardo Arena2018-02-081-3/+5
| | | | Fixes #8418
* main/bind: fix for CVE-2017-3142 and CVE-2017-3143. Fixes #7497Francesco Colista2017-08-071-2/+2
|
* main/bind: fix for CVE-2017-3142 and CVE-2017-3143. Fixes #7497Francesco Colista2017-08-071-2/+7
|
* main/bind: security upgrade to 9.11.1_p1 (CVE-2017-3140)Natanael Copa2017-06-161-3/+3
| | | | fixes #7438
* main/bind: rebuild against libressl 2.5Natanael Copa2017-04-181-1/+1
|
* main/bind: security upgrade to 9.11.0_p5 - fixes #7141Sergey Lukin2017-04-141-2/+6
| | | | | | CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" CVE-2017-3137: A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME CVE-2017-3138: named exits with a REQUIRE assertion failure if it receives a null command string on its control channel
* main/bind: security upgrade to 9.11.0_p3 (CVE-2017-3135)Natanael Copa2017-02-091-21/+3
| | | | fixes #6828
* main/bind: dont create homedir for bind userNatanael Copa2017-01-241-1/+1
| | | | | We dont want copy the content of /etc/skel to /etc/bind ref #6725
* main/bind: Upgrade to 9.11.0-P2.Przemyslaw Pawelczyk2017-01-171-4/+4
| | | | | | | | | | | | | | https://www.isc.org/downloads/bind/bind-9-11-new-features/ https://deepthought.isc.org/article/AA-01446/0/BIND-9.11.0-P2-Release-Notes.html https://kb.isc.org/article/AA-00913/74/BIND-9-Security-Vulnerability-Matrix.html Release notes mention addressing issue described in: CVE-2016-9778: An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c but it's not present in 9.10.x, so it's not a security upgrade.
* main/bind: security upgrade to 9.10.4_p5 - fixes #6675Sergei Lukin2017-01-131-8/+15
| | | | | | CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure
* main/bind: security upgrade to 9.10.4_p4 (CVE-2016-8864)Natanael Copa2016-11-021-5/+5
|
* main/bind: rebuild against libresslNatanael Copa2016-10-101-2/+2
|
* main/bind: security upgrade to 9.10.4_p3 (CVE-2016-2776)Natanael Copa2016-09-281-4/+4
| | | | fixes #6223
* main/bind: security upgrade to 9.10.4_p2 (CVE-2016-2775)Natanael Copa2016-07-251-5/+5
| | | | fixes #5951
* main/bind: rebuild with libxml2. Fixes #5711Francesco Colista2016-06-271-3/+3
|
* main/bind: upgrade to 9.10.4_p1Natanael Copa2016-05-271-5/+5
|
* main/bind: upgrade to 9.10.4Natanael Copa2016-05-161-5/+5
|
* main/[various]: bump pkgrel for pre-install fixesPrzemyslaw Pawelczyk2016-04-251-1/+1
|
* main/bind: security upgrade to 9.10.3_p4 ↵Natanael Copa2016-03-101-5/+5
| | | | | | (CVE-2016-1285,CVE-2016-1286,CVE-2016-2088) fixes #5243
* main/bind: remove /var/log/namedKaarle Ritvanen2016-02-041-2/+1
| | | | not used by default configuration
* main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705)Natanael Copa2016-01-201-4/+4
|
* main/bind: security upgrade to 9.10.3_p2 (CVE-2015-8461,CVE-2015-8000)Natanael Copa2015-12-161-5/+5
| | | | fixes #4956
* main/bind: move dnssec to -tools subpackageSören Tempel2015-11-161-7/+21
|
* main/bind: upgrade to 9.10.3Natanael Copa2015-09-171-4/+4
|
* Do not delete *.la files manuallyBartłomiej Piotrowski2015-09-101-1/+0
| | | | | Since abuild v2.22.0, these are removed automatically unless 'libtool' option has been specified.
* main/bind: upgrade to 9.10.2_p4Natanael Copa2015-09-071-5/+5
|
* main/bind: user libcap for capabilitiesNatanael Copa2015-08-131-2/+2
|
* main/bind: upgrade to 9.10.2_p3Natanael Copa2015-07-291-4/+4
|
* main/bind: security upgrade to 9.10.2_p2 (CVE-2015-4620)Natanael Copa2015-07-081-5/+5
|
* main/bind: enable capsNatanael Copa2015-06-231-2/+2
| | | | | | | | | Neeed for -u option with multithread: named: -u with Linux threads not supported: no capabilities support or capabilities disabled at build time ref #4281
* main/bind: upgrade to 9.10.2_p1Natanael Copa2015-06-121-5/+5
|
* main/*: replace all sbin/runscript with sbin/openrc-runNatanael Copa2015-04-281-4/+4
|
* main/bind: upgrade to 9.10.2Natanael Copa2015-03-111-5/+5
|
* main/bind: enable threadsNatanael Copa2015-03-111-2/+2
|
* main/bind: enable filter AAAANatanael Copa2015-03-111-1/+2
| | | | ref #3955
* main/bind: upgrade to 9.10.1_p2Carlo Landmeter2015-02-231-5/+5
|
* main/bind: upgrade to 9.10.1_p1Natanael Copa2014-12-091-5/+5
|
* main/bind: rebuild against krb5-1.13Natanael Copa2014-11-101-1/+1
|
* bind: Modify default config to be more secureHugo Landau2014-10-161-10/+16
| | | | | | | | | | | | | | | | | | | | | By default BIND will happily serve as both an authoritative nameserver and recursive resolver, but this is no longer a recommended or desirable configuration. The previous default configuration did not draw attention to this fact and the issues involved. Users are now made to rename one of two sample configuration files, named.conf.authoritative or named.conf.recursive. Comments inside either file advise DNS administrators of the most prevalent security issues. This ensures that users setting up an authoritative nameserver do not unwittingly also operate a resolver. In the previous default configuration, BIND would happily perform recursive resolution for localhost, which means that the local machine may receive non-authoritative data from what is supposed to be an authoritative nameserver. Both default configurations disable zone transfers by default, as BIND defaults to enabling them for any host (!).
* main/bind: upgrade to 9.10.1Natanael Copa2014-09-231-5/+5
|
* main/bind: remove duplicate depend functionNatanael Copa2014-06-191-4/+4
|
* main/bind: upgrade to 9.10.0_p2Natanael Copa2014-06-121-4/+4
|
* main/bind: upgrade to 9.10.0_p1Natanael Copa2014-05-221-4/+4
|
* main/bind: upgrade to 9.10.0Natanael Copa2014-05-011-4/+4
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-20 09:59:54 +0000