nant's projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 84bc65d) | patch
Add patch from 9.3.5 to 9.3.5-P1. This is for adding randomization
authorJeremy C. Reed <reed@dragonflybsd.org>
Fri, 11 Jul 2008 22:42:30 +0000 (22:42 +0000)
committerJeremy C. Reed <reed@dragonflybsd.org>
Fri, 11 Jul 2008 22:42:30 +0000 (22:42 +0000)
commit411857b4bfc4e9bc2d82151593d8743879c86e33
tree3cadbf9472ffb89af7d5e3a394766c1fca182176tree | snapshot
parent84bc65d93ad92bbe7c5dec8252b9857e8c8d9e45commit | diff
Add patch from 9.3.5 to 9.3.5-P1. This is for adding randomization
for every query.

The patch for the security issues from 9.3.5 to 9.3.5-P1 (minus
win32 and doc) applies fine to HEAD contrib/bind-9.3 (which is
9.3.4-P1) other than a few RCS ident conflicts.

I made up my own version name for this for DragonFly: 9.3.4-P2.

This is for
http://www.kb.cert.org/vuls/id/800113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

Note that this -P1 patch is the unoptimized version.
Also on busy recursive caching systems you may need to set limits
to allow many sockets.

This also removes comment from DragonFly's named.conf as
that is now a "warning" and is not recommended. Remove any
query-source restriction for one port or this patch will not be used.
contrib/bind-9.3/CHANGES diff | blob | blame | history
contrib/bind-9.3/README.DRAGONFLY diff | blob | blame | history
contrib/bind-9.3/bin/named/client.c diff | blob | blame | history
contrib/bind-9.3/bin/named/server.c diff | blob | blame | history
contrib/bind-9.3/lib/dns/dispatch.c diff | blob | blame | history
contrib/bind-9.3/lib/dns/include/dns/dispatch.h diff | blob | blame | history
contrib/bind-9.3/lib/dns/resolver.c diff | blob | blame | history
contrib/bind-9.3/version diff | blob | blame | history
etc/namedb/named.conf diff | blob | blame | history
usr.sbin/named/Makefile.inc diff | blob | blame | history
Nuno's DragonFly repo.