bind-utils-9.7.1P2-0.2.1 RPM for x86_64

From OpenSuSE 11.3-test updates for x86_64

This package includes the utilities host, dig, and nslookup used to
test and query the Domain Name System (DNS).  The Berkeley Internet
Name Domain (BIND) DNS server is found in the package named bind.



Authors:
--------
    ISC Software <bind@isc.org>

Provides

• bind-utils
• dns_utils
• bindutil
• bind9-utils
• bind-utils(x86-64)

Requires

• /bin/sh <=
• rpmlib(PayloadFilesHavePrefix)
• rpmlib(CompressedFileNames)
• /bin/bash >
• /bin/sh <=
• libbind9.so.60()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libdns.so.66()(64bit)
• libidnkit.so.1()(64bit)
• libisc.so.60()(64bit)
• libisccc.so.60()(64bit)
• libisccfg.so.60()(64bit)
• liblwres.so.60()(64bit)
• libpthread.so.0()(64bit) <
• libpthread.so.0(GLIBC_2.2.5)(64bit) >=
• rpmlib(PayloadIsLzma) < 4.4.6-1

License

BSD3c(or similar) ; MIT License (or similar)

Changelog

* Tue Oct 12 2010 ug@suse.de
  - when a recursive validating server has a trust anchor
    that is configured statically or via DNSSEC Lookaside
    Validation (DLV), allows remote attackers to cause a
    denial of service (infinite loop) via a query for
    an RRSIG record whose answer is not in the cache, which causes BIND to
    repeatedly send RRSIG queries to the authoritative servers.
    (bnc#644907)
    VUL-0: bind: DNSSEC denial of service via a recursive validating server
  - Temporarily and partially disable change 2864
    because it would cause inifinite attempts of RRSIG
    queries.  This is an urgent care fix; we'll
    revisit the issue and complete the fix later.
    [RT #21710]
  - Named failed to accept uncachable negative responses
    from insecure zones. [RT# 21555]
* Mon Jul 26 2010 ug@suse.de
  - chrooted bind failed to start (bnc#625019)
* Mon Jun 21 2010 ug@suse.de
  - genrandom: add support for the generation of multiple
    files.
  - Update empty-zones list to match
    draft-ietf-dnsop-default-local-zones-13.
  - Incrementally write the master file after performing
    a AXFR.
  - Add AAAA address for L.ROOT-SERVERS.NET.
  - around 50 bugs fixed (see CHANGELOG for details)
  - version 9.7.1
* Thu May 20 2010 ug@suse.de
  - Handle broken DNSSEC trust chains better. [RT #15619]
  - Named could return SERVFAIL for negative responses
    from unsigned zones. [RT #21131
  - version 9.7.0-P2
* Sat May 01 2010 aj@suse.de
  - Handle /var/run on tmpfs.
  - do not use run_ldconfig.
* Wed Feb 24 2010 jengelh@medozas.de
  - Enable DLZ-LDAP (supersedes sdb_ldap) and add a patch
* Wed Feb 17 2010 ug@suse.de
  - Fully automatic signing of zones by "named".
  - Simplified configuration of DNSSEC Lookaside Validation (DLV).
  - Simplified configuration of Dynamic DNS, using the "ddns-confgen"
    command line tool or the "local" update-policy option.  (As a side
    effect, this also makes it easier to configure automatic zone
    re-signing.)
  - New named option "attach-cache" that allows multiple views to
    share a single cache.
  - DNS rebinding attack prevention.
  - New default values for dnssec-keygen parameters.
  - Support for RFC 5011 automated trust anchor maintenance
  - Smart signing: simplified tools for zone signing and key
    maintenance.
  - The "statistics-channels" option is now available on Windows.
  - A new DNSSEC-aware libdns API for use by non-BIND9 applications
  - On some platforms, named and other binaries can now print out
    a stack backtrace on assertion failure, to aid in debugging.
  - A "tools only" installation mode on Windows, which only installs
    dig, host, nslookup and nsupdate.
  - Improved PKCS#11 support, including Keyper support and explicit
    OpenSSL engine selection.
  - version 9.7.0
* Wed Jan 20 2010 ug@suse.de
  - [security]  Do not attempt to validate or cache
      out-of-bailiwick data returned with a secure
      answer; it must be re-fetched from its original
      source and validated in that context. [RT #20819]
  - [security]  Cached CNAME or DNAME RR could be returned to clients
      without DNSSEC validation. [RT #20737]
  - [security]  Bogus NXDOMAIN could be cached as if valid. [RT #20712]
  - version 9.6.1-P3
* Mon Jan 04 2010 ug@suse.de
  - removed the syntax check for include files (bnc#567593)
* Tue Dec 15 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - enable parallel building
  - add baselibs for SPARC
  - package documentation as noarch
* Wed Nov 25 2009 ug@suse.de
  - Security fix
    When validating, track whether pending data was from
    the additional section or not and only return it if
    validates as secure. [RT #20438]
    CVE-2009-4022
    bnc#558260
  - update from P1 to P2
* Fri Nov 20 2009 ug@suse.de
  - added localhost for ipv6 to default config (bnc#539529)
* Wed Nov 18 2009 ug@suse.de
  - fixed apparmor profile (bnc#544181)
* Tue Nov 03 2009 coolo@novell.com
  - updated patches to apply with fuzz=0
* Wed Sep 30 2009 ug@suse.de
  - using start_daemon instead of startproc (bnc#539532)
* Mon Aug 10 2009 ug@suse.de
  - version update to 9.6.1-P1
    (security fix CVE-2009-0696)
    bnc#526185
* Tue Jun 30 2009 ug@suse.de
  - enabled MySQL DLZ (Dynamically Loadable Zones)
* Tue Jun 16 2009 ug@suse.de
  - around 50 bugfixes against 9.6.0p1
    See changelog for details
  - version 9.6.1
* Thu Apr 09 2009 ug@suse.de
  - not all include files were copied into chroot (bnc#466800)
* Tue Mar 03 2009 ug@suse.de
  - /etc/named.conf does not include /etc/named.d/forwarders.conf
    by default (bnc#480334)

Files

/etc/bind.keys
/etc/idn.conf
/etc/idnalias.conf
/etc/named.d
/etc/named.d/rndc-access.conf
/etc/openldap
/etc/openldap/schema
/etc/openldap/schema/dlz.schema
/etc/openldap/schema/dnszone.schema
/usr/bin/dig
/usr/bin/genDDNSkey
/usr/bin/host
/usr/bin/idnconv
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/runidn
/usr/sbin/arpaname
/usr/sbin/ddns-confgen
/usr/sbin/dnssec-dsfromkey
/usr/sbin/dnssec-keyfromlabel
/usr/sbin/dnssec-revoke
/usr/sbin/dnssec-settime
/usr/sbin/genrandom
/usr/sbin/isc-hmac-fixup
/usr/sbin/named-journalprint
/usr/sbin/nsec3hash
/usr/sbin/rndc
/usr/sbin/rndc-confgen
/usr/share/doc/packages/bind
/usr/share/doc/packages/bind/README.SUSE
/usr/share/idnkit
/usr/share/idnkit/jp.map
/usr/share/man/man1/arpaname.1.gz
/usr/share/man/man1/dig.1.gz
/usr/share/man/man1/host.1.gz
/usr/share/man/man1/idnconv.1.gz
/usr/share/man/man1/isc-config.sh.1.gz
/usr/share/man/man1/nslookup.1.gz
/usr/share/man/man1/nsupdate.1.gz
/usr/share/man/man1/runidn.1.gz
/usr/share/man/man5/idn.conf.5.gz
/usr/share/man/man5/idnalias.conf.5.gz
/usr/share/man/man5/idnrc.5.gz
/usr/share/man/man5/rndc.conf.5.gz
/usr/share/man/man8/ddns-confgen.8.gz
/usr/share/man/man8/dnssec-revoke.8.gz
/usr/share/man/man8/dnssec-settime.8.gz
/usr/share/man/man8/genrandom.8.gz
/usr/share/man/man8/isc-hmac-fixup.8.gz
/usr/share/man/man8/named-journalprint.8.gz
/usr/share/man/man8/nsec3hash.8.gz
/usr/share/man/man8/rndc-confgen.8.gz
/usr/share/man/man8/rndc.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Jun 10 05:13:26 2013