CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2015/02/18 15:51:18
Modified files:
net/isc-bind : Tag: OPENBSD_5_6 Makefile distinfo
Log message:
Update to BIND 9.10.1P2
On servers configured to perform DNSSEC validation using managed
trust anchors (i.e., keys configured explicitly via managed-keys, or
implicitly via dnssec-validation auto; or dnssec-lookaside auto;),
revoking a trust anchor and sending a new untrusted replacement could
cause named to crash with an assertion failure. This could occur in
the event of a botched key rollover, or potentially as a result of a
deliberate attack if the attacker was in position to monitor the
victim's DNS traffic. This flaw was discovered by Jan-Piet Mens, and
is disclosed in [CVE-2015-1349] [RT #38344] (**)
