2010年12月24日

[installer 2616] 9.7.3b1

BIND 9.7.3b1 出ています。

☆ BIND 9.7.3b1
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind9/9.7.3b1/bind-9.7.3b1.tar.gz

--- 9.7.3b1 released ---

2982. [bug] Reference count dst keys. dst_key_attach() can be used
increment the reference count.

Note: dns_tsigkey_createfromkey() callers should now
always call dst_key_free() rather than setting it
to NULL on success. [RT #22672]

2980. [bug] named didn't properly handle UPDATES that changed the
TTL of the NSEC3PARAM RRset. [RT #22363]

2979. [bug] named could deadlock during shutdown if two
"rndc stop" commands were issued at the same
time. [RT #22108]

2978. [port] hpux: look for <devpoll.h> [RT #21919]

2977. [bug] 'nsupdate -l' report if the session key is missing.
[RT #21670]

2976. [bug] named could die on exit after negotiating a GSS-TSIG
key. [RT #22573]

2975. [bug] rbtdb.c:cleanup_dead_nodes_callback() aquired the
wrong lock which could lead to server deadlock.
[RT #22614]

2974. [bug] Some vaild UPDATE requests could fail due to a
consistency check examining the existing version
of the zone rather than the new version resulting
from the UPDATE. [RT #22413]

2973. [bug] bind.keys.h was being removed by the "make clean"
at the end of configure resulting in build failures
where there is very old version of perl installed.
Move it to "make maintainer-clean". [RT #22230]

2972. [bug] win32: address windows socket errors. [RT #21906]

2971. [bug] Fixed a bug that caused journal files not to be
compacted on Windows systems as a result of
non-POSIX-compliant rename() semantics. [RT #22434]

2970. [security] Adding a NO DATA negative cache entry failed to clear
any matching RRSIG records. A subsequent lookup of
of NO DATA cache entry could trigger a INSIST when the
unexpected RRSIG was also returned with the NO DATA
cache entry.

CVE-2010-3613, VU#706148. [RT #22288]

2969. [security] Fix acl type processing so that allow-query works
in options and view statements. Also add a new
set of tests to verify proper functioning.

CVE-2010-3615, VU#510208. [RT #22418]

2968. [security] Named could fail to prove a data set was insecure
before marking it as insecure. One set of conditions
that can trigger this occurs naturally when rolling
DNSKEY algorithms.

CVE-2010-3614, VU#837744. [RT #22309]

2967. [bug] 'host -D' now turns on debugging messages earlier.
[RT #22361]

2966. [bug] isc_print_vsnprintf() failed to check if there was
space available in the buffer when adding a left
justified character with a non zero width,
(e.g. "%-1c"). [RT #22270]

2965. [func] Test HMAC functions using test data from RFC 2104 and
RFC 4634. [RT #21702]

2963. [security] The allow-query acl was being applied instead of the
allow-query-cache acl to cache lookups. [RT #22114]

2962. [port] win32: add more dependencies to BINDBuild.dsw.
[RT #22062]

2961. [bug] Be still more selective about the non-authoritative
answers we apply change 2748 to. [RT #22074]

2960. [func] Check that named accepts non-authoritative answers.
[RT #21594]

2959. [func] Check that named starts with a missing masterfile.
[RT #22076]

2958. [bug] named failed to start with a missing master file.
[RT #22076]

2957. [bug] entropy_get() and entropy_getpseudo() failed to match
the API for RAND_bytes() and RAND_pseudo_bytes()
respectively. [RT #21962]

2956. [port] Enable atomic operations on the PowerPC64. [RT #21899]

2954. [bug] contrib: dlz_mysql_driver.c bad error handling on
build_sqldbinstance failure. [RT #21623]

2953. [bug] Silence spurious "expected covering NSEC3, got an
exact match" message when returning a wildcard
no data response. [RT #21744]

2952. [port] win32: named-checkzone and named-checkconf failed
to initialise winsock. [RT #21932]

2951. [bug] named failed to generate a correct signed response
in a optout, delegation only zone with no secure
delegations. [RT #22007]

2950. [bug] named failed to perform a SOA up to date check when
falling back to TCP on UDP timeouts when
ixfr-from-differences was set. [RT #21595]

2949. [bug] dns_view_setnewzones() contained a memory leak if
it was called multiple times. [RT #21942]

2928. [bug] Be more selective about the non-authoritative
answer we apply change 2748 to. [RT #21594]

----
こがよういちろう


投稿者 xml-rpc : 2010年12月24日 15:52
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/100961
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。