aboutsummaryrefslogtreecommitdiffstats
path: root/main/bind
Commit message (Collapse)AuthorAgeFilesLines
* main/bind: add secfixes commenttcely2018-08-281-0/+3
|
* main/bind: Upgrade to 9.12.2-P1, enable DLZ and kerberosTaner Tas2018-08-162-66/+18
| | | | | | * Enable DLZ (Dynamically Loadable Zones) support with file system, ldap, stub backends * Enable GSSAPI/Kerberos support * Re-arrange configure options
* main/bind: security upgrade to 9.12.1_p2Jakub Jirutka2018-05-221-3/+6
|
* main/[various]: properly rebuild against json-c-0.13Natanael Copa2018-04-191-1/+1
|
* main/bind: rebuild against json-c-0.13Natanael Copa2018-04-191-1/+1
|
* main/bind: rebuild against libressl-2.7Natanael Copa2018-04-063-6/+59
|
* main/bind: upgrade to 9.12.0 and modernize abuildtcely2018-03-021-32/+25
|
* main/bind: Split OpenRC scripts, disable checkA. Wilcox2018-02-261-2/+6
|
* main/bind: Upgrade to 9.11.2-P1tcely2018-02-061-3/+5
|
* main/bind: enable json statisticsJared Szechy2017-12-151-2/+3
|
* main/bind: rebuild against libressl-2.6Natanael Copa2017-11-091-1/+1
|
* main/bind: upgrade to 9.11.2Natanael Copa2017-10-311-3/+3
|
* main/bind: bump pkgrelNatanael Copa2017-08-081-1/+1
| | | | bump pkgrel to avoid mismatch with caches
* Revert "main/bind: fix for CVE-2017-3142 and CVE-2017-3143. Fixes #7496"Francesco Colista2017-08-072-291/+2
| | | | This reverts commit 724d3ef9cc4c309dc09e750d37ca4cb86b32df85.
* main/bind: fix for CVE-2017-3142 and CVE-2017-3143. Fixes #7496Francesco Colista2017-08-072-2/+291
|
* main/bind: upgrade to 9.11.1_p2Natanael Copa2017-07-061-2/+2
|
* main/bind: security upgrade to 9.11.1_p1 (CVE-2017-3140)Natanael Copa2017-06-161-2/+2
| | | | fixes #7437
* main/bind: upgrade to 9.11.1Natanael Copa2017-06-141-3/+3
|
* main/bind: rebuild against libressl 2.5Natanael Copa2017-04-181-1/+1
|
* main/bind: security upgrade to 9.11.0_p5 - fixes #7141Sergey Lukin2017-04-141-2/+6
| | | | | | CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" CVE-2017-3137: A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME CVE-2017-3138: named exits with a REQUIRE assertion failure if it receives a null command string on its control channel
* main/bind: security upgrade to 9.11.0_p3 (CVE-2017-3135)Natanael Copa2017-02-091-21/+3
| | | | fixes #6828
* main/bind: dont create homedir for bind userNatanael Copa2017-01-242-2/+2
| | | | | We dont want copy the content of /etc/skel to /etc/bind ref #6725
* main/bind: Upgrade to 9.11.0-P2.Przemyslaw Pawelczyk2017-01-171-4/+4
| | | | | | | | | | | | | | https://www.isc.org/downloads/bind/bind-9-11-new-features/ https://deepthought.isc.org/article/AA-01446/0/BIND-9.11.0-P2-Release-Notes.html https://kb.isc.org/article/AA-00913/74/BIND-9-Security-Vulnerability-Matrix.html Release notes mention addressing issue described in: CVE-2016-9778: An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c but it's not present in 9.10.x, so it's not a security upgrade.
* main/bind: security upgrade to 9.10.4_p5 - fixes #6675Sergei Lukin2017-01-131-8/+15
| | | | | | CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure
* main/bind: security upgrade to 9.10.4_p4 (CVE-2016-8864)Natanael Copa2016-11-021-5/+5
|
* main/bind: rebuild against libresslNatanael Copa2016-10-101-2/+2
|
* main/bind: security upgrade to 9.10.4_p3 (CVE-2016-2776)Natanael Copa2016-09-281-4/+4
| | | | fixes #6223
* main/bind: security upgrade to 9.10.4_p2 (CVE-2016-2775)Natanael Copa2016-07-251-5/+5
| | | | fixes #5951
* main/bind: rebuild with libxml2. Fixes #5711Francesco Colista2016-06-271-3/+3
|
* main/bind: upgrade to 9.10.4_p1Natanael Copa2016-05-271-5/+5
|
* main/bind: upgrade to 9.10.4Natanael Copa2016-05-161-5/+5
|
* main/[various]: bump pkgrel for pre-install fixesPrzemyslaw Pawelczyk2016-04-251-1/+1
|
* Reorder arguments passed to addgroup/adduser in scripts.Przemyslaw Pawelczyk2016-04-251-1/+1
| | | | | | | Now all invocations have following order of arguments (if present): addgroup -S -g ... GROUP adduser -S -u ... -D -H -h ... -s ... -G ... -g ... USER
* Improve consistency of scripts using adduser/addgroup.Przemyslaw Pawelczyk2016-04-251-1/+1
| | | | | | | | | | | | Following rules have been applied: - script starts with shebang !#/bin/sh followed by blank line, - script ends with exit 0 prepended by blank line, - only stderr of adduser, addgroup or passwd is redirected to /dev/null, - getent passwd/group instances has been removed, - manual checking of file and group existence has been removed, - `|| true` instances has been removed. Comments and line wrapping have been preserved.
* Add -g option (GECOS/comment) to adduser in scripts.Przemyslaw Pawelczyk2016-04-251-1/+1
| | | | | | This way we can avoid ugly default: Linux user,,,
* Add lacking -S option (system) to adduser/addgroup in scripts.Przemyslaw Pawelczyk2016-04-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Groups and users created by packages shouldn't use high ids by default (unless explicitly requested), to distinguish them from groups and users created by administrators for humans. Following 41 files lacked -S next to addgroup: - community/sword/sword.pre-install - main/amavisd-new/amavisd-new.pre-install - main/chrony/chrony.pre-install - main/cvechecker/cvechecker.pre-install - main/dnsmasq/dnsmasq.pre-install - main/freeradius/freeradius.pre-install - main/gdnsd/gdnsd.pre-install - main/haproxy/haproxy.pre-install - main/haproxy/haproxy.pre-upgrade - main/kamailio/kamailio.pre-install - main/logcheck/logcheck.pre-install - main/mlmmj/mlmmj.pre-install - main/nrpe/nrpe.pre-install - main/open-vm-tools/open-vm-tools.pre-install - main/postgrey/postgrey.pre-install - main/privoxy/privoxy.pre-install - main/redis/redis.pre-install - main/samba/winbind.pre-install - main/sircbot/sircbot.pre-install - main/smokeping/smokeping.pre-install - main/squark/squark.post-install - main/squid/squid.pre-install - main/squid/squid.pre-upgrade - main/subversion/subversion.pre-install - main/trac/trac.pre-install - main/vsftpd/vsftpd.pre-install - main/zabbix/zabbix-agent.pre-install - testing/3proxy/3proxy.pre-install - testing/cluster-glue/cluster-glue.pre-install - testing/elasticsearch/elasticsearch.pre-install - testing/emby/emby.pre-install - testing/gdnsd/gdnsd.pre-install - testing/icinga2/icinga2.pre-install - testing/lusca/lusca.pre-install - testing/lusca/lusca.pre-upgrade - testing/mongodb/mongodb.pre-install - testing/openxcap/openxcap.pre-install - testing/prosody/prosody.pre-install - testing/rancid/rancid.pre-install - testing/rutorrent/rutorrent.pre-install - testing/zabbix/zabbix-agent.pre-install Following 60 files lacked -S next to adduser: - community/caddy/caddy.pre-install - community/domoticz/domoticz.pre-install - community/minetest/minetest-server.pre-install - community/oscam/oscam.pre-install - community/seafile/seafile-server.pre-install - community/syncthing/syncthing.pre-install - main/apache2/apache2.pre-install - main/aports-build/aports-build.pre-install - main/atheme-iris/atheme-iris.pre-install - main/bind/bind.pre-install - main/clamav/clamav-db.pre-install - main/clamsmtp/clamsmtp.pre-install - main/clamsmtp/clamsmtp.pre-upgrade - main/coova-chilli/coova-chilli.pre-install - main/cvechecker/cvechecker.pre-install - main/dhcp/dhcp.pre-install - main/distcc/distcc.pre-install - main/djbdns/dnscache.pre-install - main/djbdns/tinydns.pre-install - main/dovecot/dovecot.pre-install - main/ez-ipupdate/ez-ipupdate.pre-install - main/fetchmail/fetchmail.pre-install - main/freeswitch/freeswitch.pre-install - main/gitolite/gitolite.pre-install - main/gnats/gnats.pre-install - main/gross/gross.pre-install - main/icecast/icecast.pre-install - main/kamailio/kamailio.pre-install - main/lighttpd/lighttpd.pre-install - main/mariadb/mariadb.pre-install - main/memcached/memcached.pre-install - main/ngircd/ngircd.pre-install - main/nrpe/nrpe.pre-install - main/openntpd/openntpd.pre-install - main/postgrey/postgrey.pre-install - main/snort/snort.pre-install - main/squid/squid.pre-install - main/squid/squid.pre-upgrade - main/subversion/subversion.pre-install - main/trac/trac.pre-install - main/transmission/transmission-daemon.pre-install - main/ympd/ympd.pre-install - main/znc/znc.pre-install - testing/at/at.pre-install - testing/buildbot-slave/buildbot-slave.pre-install - testing/buildbot/buildbot.pre-install - testing/clapf/clapf.pre-install - testing/cluster-glue/cluster-glue.pre-install - testing/dbmail/dbmail.pre-install - testing/dspam/dspam.pre-install - testing/ejabberd/ejabberd.pre-install - testing/emby/emby.pre-install - testing/mongodb/mongodb.pre-install - testing/opensips/opensips.pre-install - testing/pdns/pdns.pre-install - testing/prosody/prosody.pre-install - testing/qpage/qpage.pre-install - testing/rrdbot/rrdbot.pre-install - testing/wt/wt.pre-install - unmaintained/ejabberd-git/ejabberd-git.pre-install
* main/bind: security upgrade to 9.10.3_p4 ↵Natanael Copa2016-03-101-5/+5
| | | | | | (CVE-2016-1285,CVE-2016-1286,CVE-2016-2088) fixes #5243
* main/bind: remove /var/log/namedKaarle Ritvanen2016-02-041-2/+1
| | | | not used by default configuration
* main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705)Natanael Copa2016-01-201-4/+4
|
* main/bind: security upgrade to 9.10.3_p2 (CVE-2015-8461,CVE-2015-8000)Natanael Copa2015-12-161-5/+5
| | | | fixes #4956
* main/bind: move dnssec to -tools subpackageSören Tempel2015-11-161-7/+21
|
* main/bind: upgrade to 9.10.3Natanael Copa2015-09-171-4/+4
|
* Do not delete *.la files manuallyBartłomiej Piotrowski2015-09-101-1/+0
| | | | | Since abuild v2.22.0, these are removed automatically unless 'libtool' option has been specified.
* main/bind: upgrade to 9.10.2_p4Natanael Copa2015-09-071-5/+5
|
* main/bind: user libcap for capabilitiesNatanael Copa2015-08-131-2/+2
|
* main/bind: upgrade to 9.10.2_p3Natanael Copa2015-07-291-4/+4
|
* main/bind: security upgrade to 9.10.2_p2 (CVE-2015-4620)Natanael Copa2015-07-081-5/+5
|
* main/bind: enable capsNatanael Copa2015-06-231-2/+2
| | | | | | | | | Neeed for -u option with multithread: named: -u with Linux threads not supported: no capabilities support or capabilities disabled at build time ref #4281
* main/bind: upgrade to 9.10.2_p1Natanael Copa2015-06-121-5/+5
|
* main/*: replace all sbin/runscript with sbin/openrc-runNatanael Copa2015-04-282-5/+5
|