Pull request - bind 9.10.2-P1

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

From: Matthias Fischer <fischerm42@t-online.de>
To: development@lists.ipfire.org
Subject: Pull request - bind 9.10.2-P1
Date: Mon, 29 Jun 2015 18:53:31 +0200	[thread overview]
Message-ID: <5591780B.1040907@t-online.de> (raw)

[-- Attachment #1: Type: text/plain, Size: 2157 bytes --]

Hi list,

I prepared an update for bind, perhaps could be interesting.

Excerpt from changelog:

***SNIP***
4134.	[cleanup]	Include client-ip rules when logging the number
                         of RPZ rules of each type. [RT #39670]

4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]

4126.	[bug]		Addressed a regression introduced in change #4121.
			[RT #39611]

4122.	[bug]		The server could match a shorter prefix than what was
			available in CLIENT-IP policy triggers, and so, an
			unexpected action could be taken. This has been
			corrected. [RT #39481]

4121.	[bug]		On servers with one or more policy zones
			configured as slaves, if a policy zone updated
			during regular operation (rather than at
			startup) using a full zone reload, such as via
			AXFR, a bug could allow the RPZ summary data to
			fall out of sync, potentially leading to an
			assertion failure in rpz.c when further
			incremental updates were made to the zone, such
			as via IXFR. [RT #39567]

4120.	[bug]		A bug in RPZ could cause the server to crash if
			policy zones were updated while recursion was
			pending for RPZ processing of an active query.
			[RT #39415]

4116.	[bug]		Fix a bug in RPZ that could cause some policy
			zones that did not specifically require
			recursion to be treated as if they did;
			consequently, setting qname-wait-recurse no; was
			sometimes ineffective. [RT #39229]

4063.	[bug]		Asynchronous zone loads were not handled
			correctly when the zone load was already in
			progress; this could trigger a crash in zt.c.
			[RT #37573]

4062.	[bug]		Fix an out-of-bounds read in RPZ code. If the
			read succeeded, it doesn't result in a bug
			during operation. If the read failed, named
			could segfault. [RT #38559]
***SNAP***

bind - Update to 9.10.2-P1:
http://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=cb7051ba15fdc9d6da22d9fe87c1b881e3c18ff0

I tested this in productive mode (2.17/core91). For me, it seems to run 
fine.

Regards
Matthias
-- 
tails, linux, USB, CD, secure desktop, IRC, truecrypt, tor, onion

                 reply	other threads:[~2015-06-29 16:53 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5591780B.1040907@t-online.de \
    --to=fischerm42@t-online.de \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox