Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

bind-9.7.3-1.2.1 RPM for i586

From OpenSuSE 11.4 for i586

Name: bind Distribution: openSUSE 11.4
Version: 9.7.3 Vendor: openSUSE
Release: 1.2.1 Build date: Sun Feb 27 12:59:50 2011
Group: Productivity/Networking/DNS/Servers Build host: build25
Size: 771137 Source RPM: bind-9.7.3-1.2.1.src.rpm
Summary: Domain Name System (DNS) Server (named)
Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System.  This package includes the components to operate a DNS server.

    ISC Software <>




BSD3c(or similar) ; MIT License (or similar)


* Thu Feb 24 2011
  - fixed security issue
    VUL-0: bind: IXFR or DDNS update combined with high query rate
    DoS vulnerability (CVE-2011-0414 bnc#674431)
  - version to 9.7.3
* Wed Jan 05 2011
  - ifdef the sysvinit specific prereqs for openSUSE 11.4 and later
* Thu Dec 09 2010
  - fix bnc#656509 - direct mount of /proc in chroot
* Tue Dec 07 2010
  - prereq init scripts syslog and network
* Thu Dec 02 2010
  - fixed VUL-0: bind: Key algorithm rollover bug
    bnc#657102, CVE-2010-3614
  - fixed VUL-0: bind: allow-query processed incorrectly
    bnc#657120, CVE-2010-3615
  - fixed VUL-0: bind: cache incorrectly allows a ncache entry and a rrsig for the same type
    bnc#657129, CVE-2010-3613
* Tue Nov 23 2010
  - fixed return code of "rcnamed status"
  - added gssapi support
* Tue Oct 12 2010
  - Zones may be dynamically added and removed with the "rndc addzone"
    and "rndc delzone" commands. These dynamically added zones are
    written to a per-view configuration file. Do not rely on the
    configuration file name nor contents as this will change in a
    future release. This is an experimental feature at this time.
  - Added new "filter-aaaa-on-v4" access control list to select which
    IPv4 clients have AAAA record filtering applied.
  - A new command "rndc secroots" was added to dump a combined summary
    of the currently managed keys combined with statically configured
    trust anchors.
  - Added support to load new keys into managed zones without signing
    immediately with "rndc loadkeys". Added support to link keys with
    "dnssec-keygen -S" and "dnssec-settime -S".
  - Documentation improvements
  - ORCHID prefixes were removed from the automatic empty zone list.
  - Improved handling of GSSAPI security contexts. Specifically, better
    memory management of cached contexts, limited lifetime of a context
    to 1 hour, and added a "realm" command to nsupdate to allow
    selection of a non-default realm name.
  - The contributed tool "ztk" was updated to version 1.0.
  - version 9.7.1 to 9.7.2-P2
* Mon Jul 26 2010
  - chrooted bind failed to start (bnc#625019)
* Mon Jun 21 2010
  - genrandom: add support for the generation of multiple
  - Update empty-zones list to match
  - Incrementally write the master file after performing
    a AXFR.
  - Add AAAA address for L.ROOT-SERVERS.NET.
  - around 50 bugs fixed (see CHANGELOG for details)
  - version 9.7.1
* Thu May 20 2010
  - Handle broken DNSSEC trust chains better. [RT #15619]
  - Named could return SERVFAIL for negative responses
    from unsigned zones. [RT #21131
  - version 9.7.0-P2
* Sat May 01 2010
  - Handle /var/run on tmpfs.
  - do not use run_ldconfig.
* Wed Feb 24 2010
  - Enable DLZ-LDAP (supersedes sdb_ldap) and add a patch
* Wed Feb 17 2010
  - Fully automatic signing of zones by "named".
  - Simplified configuration of DNSSEC Lookaside Validation (DLV).
  - Simplified configuration of Dynamic DNS, using the "ddns-confgen"
    command line tool or the "local" update-policy option.  (As a side
    effect, this also makes it easier to configure automatic zone
  - New named option "attach-cache" that allows multiple views to
    share a single cache.
  - DNS rebinding attack prevention.
  - New default values for dnssec-keygen parameters.
  - Support for RFC 5011 automated trust anchor maintenance
  - Smart signing: simplified tools for zone signing and key
  - The "statistics-channels" option is now available on Windows.
  - A new DNSSEC-aware libdns API for use by non-BIND9 applications
  - On some platforms, named and other binaries can now print out
    a stack backtrace on assertion failure, to aid in debugging.
  - A "tools only" installation mode on Windows, which only installs
    dig, host, nslookup and nsupdate.
  - Improved PKCS#11 support, including Keyper support and explicit
    OpenSSL engine selection.
  - version 9.7.0
* Wed Jan 20 2010
  - [security]  Do not attempt to validate or cache
      out-of-bailiwick data returned with a secure
      answer; it must be re-fetched from its original
      source and validated in that context. [RT #20819]
  - [security]  Cached CNAME or DNAME RR could be returned to clients
      without DNSSEC validation. [RT #20737]
  - [security]  Bogus NXDOMAIN could be cached as if valid. [RT #20712]
  - version 9.6.1-P3
* Mon Jan 04 2010
  - removed the syntax check for include files (bnc#567593)
* Tue Dec 15 2009
  - add baselibs.conf as a source
  - enable parallel building
  - add baselibs for SPARC
  - package documentation as noarch
* Wed Nov 25 2009
  - Security fix
    When validating, track whether pending data was from
    the additional section or not and only return it if
    validates as secure. [RT #20438]
  - update from P1 to P2
* Fri Nov 20 2009
  - added localhost for ipv6 to default config (bnc#539529)
* Wed Nov 18 2009
  - fixed apparmor profile (bnc#544181)
* Tue Nov 03 2009
  - updated patches to apply with fuzz=0
* Wed Sep 30 2009
  - using start_daemon instead of startproc (bnc#539532)
* Mon Aug 10 2009
  - version update to 9.6.1-P1
    (security fix CVE-2009-0696)
* Tue Jun 30 2009
  - enabled MySQL DLZ (Dynamically Loadable Zones)
* Tue Jun 16 2009
  - around 50 bugfixes against 9.6.0p1
    See changelog for details
  - version 9.6.1
* Thu Apr 09 2009
  - not all include files were copied into chroot (bnc#466800)
* Tue Mar 03 2009
  - /etc/named.conf does not include /etc/named.d/forwarders.conf
    by default (bnc#480334)



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Jun 10 06:03:45 2017