Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

bind-libs-9.8.1-4.2.2 RPM for i586

From OpenSuSE 12.1 for i586

Name: bind-libs Distribution: openSUSE 12.1
Version: 9.8.1 Vendor: openSUSE
Release: 4.2.2 Build date: Sat Oct 29 19:22:19 2011
Group: Development/Libraries/C and C++ Build host: build06
Size: 3091628 Source RPM: bind-9.8.1-4.2.2.src.rpm
Packager: http://bugs.opensuse.org
Url: http://isc.org/sw/bind/
Summary: Shared libraries of BIND
This package contains the shared libraries of the Berkeley Internet
Name Domain (BIND) Domain Name System implementation of the Domain Name
System (DNS) protocols.

Provides

Requires

License

BSD3c(or similar) ; MIT License (or similar)

Changelog

* Wed Oct 26 2011 ug@suse.de
  - on a 64bit system a chrooted bind failed to start if 32bit
    libs were installed (bnc#716745)
* Fri Sep 30 2011 coolo@suse.com
  - add libtool as buildrequire to make the spec file more reliable
* Sat Sep 17 2011 jengelh@medozas.de
  - Remove redundant tags/sections from specfile
  - Use %_smp_mflags for parallel build
* Fri Sep 16 2011 ug@suse.de
  - very first restart can create broken chroot
    (bnc#718441)
* Mon Sep 05 2011 ug@suse.de
  * fixed SSL in chroot environment (bnc#715881)
* Mon Sep 05 2011 ug@suse.de
  * Added a new include file with function typedefs for the DLZ
    "dlopen" driver. [RT #23629]
    * Added a tool able to generate malformed packets to allow testing of
    how named handles them. [RT #24096]
    * The root key is now provided in the file bind.keys allowing DNSSEC
    validation to be switched on at start up by adding
    "dnssec-validation auto;" to named.conf. If the root key provided
    has expired, named will log the expiration and validation will not
    work. More information and the most current copy of bind.keys can
    be found at http://www.isc.org/bind-keys. *Please note this feature
    was actually added in 9.8.0 but was not included in the 9.8.0
    release notes. [RT #21727]
    * If named is configured with a response policy zone (RPZ) and a
    query of type RRSIG is received for a name configured for RRset
    replacement in that RPZ, it will trigger an INSIST and crash the
    server. RRSIG. [RT #24280]
    * named, set up to be a caching resolver, is vulnerable to a user
    querying a domain with very large resource record sets (RRSets)
    when trying to negatively cache the response. Due to an off-by-one
    error, caching the response could cause named to crash. [RT #24650]
    [CVE-2011-1910]
    * Using Response Policy Zone (RPZ) to query a wildcard CNAME label
    with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
    query type independant. [RT #24715]
    * Using Response Policy Zone (RPZ) with DNAME records and querying
    the subdomain of that label can cause named to crash. Now logs that
    DNAME is not supported. [RT #24766]
    * Change #2912 populated the message section in replies to UPDATE
    requests, which some Windows clients wanted. This exposed a latent
    bug that allowed the response message to crash named. With this
    fix, change 2912 has been reduced to copy only the zone section to
    the reply. A more complete fix for the latent bug will be released
    later. [RT #24777]
    * many bugfixes (see CHANGELOG)
    * 9.8.1
* Wed Aug 31 2011 rhafer@suse.de
  - Fixed the ldapdump tool to also respect the "uri" setting in
    /etc/openldap/ldap.conf (bnc#710430)
* Tue Jul 05 2011 ug@suse.de
  * Using Response Policy Zone (RPZ) with DNAME records and querying
    the subdomain of that label can cause named to crash. Now logs that
    DNAME is not supported. [RT #24766]
    * If named is configured to be both authoritative and resursive and
    receives a recursive query for a CNAME in a zone that it is
    authoritative for, if that CNAME also points to a zone the server
    is authoritative for, the recursive part of name will not follow
    the CNAME change and the response will not be a complete CNAME
    chain. [RT #24455]
    * Using Response Policy Zone (RPZ) to query a wildcard CNAME label
    with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
    query type independant. [RT #24715] [CVE-2011-1907]
    * Change #2912 (see CHANGES) exposed a latent bug in the DNS message
    processing code that could allow certain UPDATE requests to crash
    named. This was fixed by disambiguating internal database
    representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]
    * 9.8.0-P4
* Tue Jun 07 2011 ug@suse.de
  - A large RRSET from a remote authoritative server that results in
    the recursive resolver trying to negatively cache the response can
    hit an off by one code error in named, resulting in named crashing.
    [RT #24650] [CVE-2011-1910]
  - Zones that have a DS record in the parent zone but are also listed
    in a DLV and won't validate without DLV could fail to validate. [RT
    [#24631]]
* Mon May 23 2011 crrodriguez@opensuse.org
  - Build with -DNO_VERSION_DATE to avoid timestamps in binaries.
* Thu May 19 2011 meissner@suse.de
  - buildreq update-desktop-files for newer rpms
* Thu May 05 2011 ug@suse.de
  - The ADB hash table stores informations about which authoritative
    servers to query about particular domains
  - BIND now supports a new zone type, static-stub
  - BIND now supports Response Policy Zones
  - BIND 9.8.0 now has DNS64 support
  - Dynamically Loadable Zones (DLZ) now support dynamic updates.
  - Added a "dlopen" DLZ driver, allowing the creation of external DLZ
    drivers that can be loaded as shared objects at runtime rather than
    having to be linked with named
  - named now retains GSS-TSIG keys across restarts
  - There is a new update-policy match type "external".
  - bugfixes
  - version to 9.8.0
* Thu Feb 24 2011 ug@suse.de
  - fixed security issue
    VUL-0: bind: IXFR or DDNS update combined with high query rate
    DoS vulnerability (CVE-2011-0414 bnc#674431)
  - version to 9.7.3
* Wed Jan 05 2011 meissner@suse.de
  - ifdef the sysvinit specific prereqs for openSUSE 11.4 and later
* Thu Dec 09 2010 mvyskocil@suse.cz
  - fix bnc#656509 - direct mount of /proc in chroot
* Wed Dec 08 2010 coolo@novell.com
  - prereq init scripts syslog and network
* Thu Dec 02 2010 ug@suse.de
  - fixed VUL-0: bind: Key algorithm rollover bug
    bnc#657102, CVE-2010-3614
  - fixed VUL-0: bind: allow-query processed incorrectly
    bnc#657120, CVE-2010-3615
  - fixed VUL-0: bind: cache incorrectly allows a ncache entry and a rrsig for the same type
    bnc#657129, CVE-2010-3613
* Tue Nov 23 2010 ug@suse.de
  - fixed return code of "rcnamed status"
  - added gssapi support
* Tue Oct 12 2010 ug@suse.de
  - Zones may be dynamically added and removed with the "rndc addzone"
    and "rndc delzone" commands. These dynamically added zones are
    written to a per-view configuration file. Do not rely on the
    configuration file name nor contents as this will change in a
    future release. This is an experimental feature at this time.
  - Added new "filter-aaaa-on-v4" access control list to select which
    IPv4 clients have AAAA record filtering applied.
  - A new command "rndc secroots" was added to dump a combined summary
    of the currently managed keys combined with statically configured
    trust anchors.
  - Added support to load new keys into managed zones without signing
    immediately with "rndc loadkeys". Added support to link keys with
    "dnssec-keygen -S" and "dnssec-settime -S".
  - Documentation improvements
  - ORCHID prefixes were removed from the automatic empty zone list.
  - Improved handling of GSSAPI security contexts. Specifically, better
    memory management of cached contexts, limited lifetime of a context
    to 1 hour, and added a "realm" command to nsupdate to allow
    selection of a non-default realm name.
  - The contributed tool "ztk" was updated to version 1.0.
  - version 9.7.1 to 9.7.2-P2
* Mon Jul 26 2010 ug@suse.de
  - chrooted bind failed to start (bnc#625019)
* Mon Jun 21 2010 ug@suse.de
  - genrandom: add support for the generation of multiple
    files.
  - Update empty-zones list to match
    draft-ietf-dnsop-default-local-zones-13.
  - Incrementally write the master file after performing
    a AXFR.
  - Add AAAA address for L.ROOT-SERVERS.NET.
  - around 50 bugs fixed (see CHANGELOG for details)
  - version 9.7.1
* Thu May 20 2010 ug@suse.de
  - Handle broken DNSSEC trust chains better. [RT #15619]
  - Named could return SERVFAIL for negative responses
    from unsigned zones. [RT #21131
  - version 9.7.0-P2
* Sat May 01 2010 aj@suse.de
  - Handle /var/run on tmpfs.
  - do not use run_ldconfig.
* Wed Feb 24 2010 jengelh@medozas.de
  - Enable DLZ-LDAP (supersedes sdb_ldap) and add a patch
* Wed Feb 17 2010 ug@suse.de
  - Fully automatic signing of zones by "named".
  - Simplified configuration of DNSSEC Lookaside Validation (DLV).
  - Simplified configuration of Dynamic DNS, using the "ddns-confgen"
    command line tool or the "local" update-policy option.  (As a side
    effect, this also makes it easier to configure automatic zone
    re-signing.)
  - New named option "attach-cache" that allows multiple views to
    share a single cache.
  - DNS rebinding attack prevention.
  - New default values for dnssec-keygen parameters.
  - Support for RFC 5011 automated trust anchor maintenance
  - Smart signing: simplified tools for zone signing and key
    maintenance.
  - The "statistics-channels" option is now available on Windows.
  - A new DNSSEC-aware libdns API for use by non-BIND9 applications
  - On some platforms, named and other binaries can now print out
    a stack backtrace on assertion failure, to aid in debugging.
  - A "tools only" installation mode on Windows, which only installs
    dig, host, nslookup and nsupdate.
  - Improved PKCS#11 support, including Keyper support and explicit
    OpenSSL engine selection.
  - version 9.7.0
* Wed Jan 20 2010 ug@suse.de
  - [security]  Do not attempt to validate or cache
      out-of-bailiwick data returned with a secure
      answer; it must be re-fetched from its original
      source and validated in that context. [RT #20819]
  - [security]  Cached CNAME or DNAME RR could be returned to clients
      without DNSSEC validation. [RT #20737]
  - [security]  Bogus NXDOMAIN could be cached as if valid. [RT #20712]
  - version 9.6.1-P3
* Mon Jan 04 2010 ug@suse.de
  - removed the syntax check for include files (bnc#567593)
* Tue Dec 15 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - enable parallel building
  - add baselibs for SPARC
  - package documentation as noarch
* Wed Nov 25 2009 ug@suse.de
  - Security fix
    When validating, track whether pending data was from
    the additional section or not and only return it if
    validates as secure. [RT #20438]
    CVE-2009-4022
    bnc#558260
  - update from P1 to P2
* Fri Nov 20 2009 ug@suse.de
  - added localhost for ipv6 to default config (bnc#539529)
* Wed Nov 18 2009 ug@suse.de
  - fixed apparmor profile (bnc#544181)
* Tue Nov 03 2009 coolo@novell.com
  - updated patches to apply with fuzz=0
* Wed Sep 30 2009 ug@suse.de
  - using start_daemon instead of startproc (bnc#539532)
* Mon Aug 10 2009 ug@suse.de
  - version update to 9.6.1-P1
    (security fix CVE-2009-0696)
    bnc#526185
* Tue Jun 30 2009 ug@suse.de
  - enabled MySQL DLZ (Dynamically Loadable Zones)
* Tue Jun 16 2009 ug@suse.de
  - around 50 bugfixes against 9.6.0p1
    See changelog for details
  - version 9.6.1
* Thu Apr 09 2009 ug@suse.de
  - not all include files were copied into chroot (bnc#466800)
* Tue Mar 03 2009 ug@suse.de
  - /etc/named.conf does not include /etc/named.d/forwarders.conf
    by default (bnc#480334)

Files

/usr/lib/libbind9.so.80
/usr/lib/libbind9.so.80.0.3
/usr/lib/libdns.so.81
/usr/lib/libdns.so.81.3.1
/usr/lib/libidnkit.so.1
/usr/lib/libidnkit.so.1.0.2
/usr/lib/libidnkitlite.so.1
/usr/lib/libidnkitlite.so.1.0.2
/usr/lib/libidnkitres.so.1
/usr/lib/libidnkitres.so.1.0.1
/usr/lib/libisc.so.83
/usr/lib/libisc.so.83.0.1
/usr/lib/libisccc.so.80
/usr/lib/libisccc.so.80.0.0
/usr/lib/libisccfg.so.82
/usr/lib/libisccfg.so.82.0.0
/usr/lib/liblwres.so.80
/usr/lib/liblwres.so.80.0.1


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Apr 10 13:55:07 2014