bind-utils-9.7.6P3-0.37.1 RPM for i586

From OpenSuSE 11.4 updates for i586

This package includes the utilities host, dig, and nslookup used to
test and query the Domain Name System (DNS).  The Berkeley Internet
Name Domain (BIND) DNS server is found in the package named bind.



Authors:
--------
    ISC Software <bind@isc.org>

Provides

• bind-utils
• bind9-utils
• bindutil
• dns_utils
• bind-utils(x86-32)

Requires

• /bin/sh
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(CompressedFileNames) > 3.0.4-1
• /bin/bash
• /bin/sh
• libbind9.so.60 >
• libc.so.6
• libc.so.6(GLIBC_2.0)
• libc.so.6(GLIBC_2.1) <
• libc.so.6(GLIBC_2.1.1)
• libc.so.6(GLIBC_2.1.3)
• libc.so.6(GLIBC_2.3) <
• libc.so.6(GLIBC_2.3.4)
• libc.so.6(GLIBC_2.4) >=
• libdns.so.69 <
• libidnkit.so.1
• libisc.so.65 <=
• libisccc.so.60 <=
• libisccfg.so.63 <
• liblwres.so.60 =
• libpthread.so.0
• libpthread.so.0(GLIBC_2.0) <
• rpmlib(PayloadIsLzma) < 4.4.6-1

License

BSD-3-Clause ; MIT

Changelog

* Sat Sep 15 2012 meissner@suse.com
  - A nameserver can be caused to exit with a REQUIRE exception if it can
    be induced to load a specially crafted resource record.
    CVE-2012-4244
    bnc#780157
  - 9.6-ESV-R7-P3
  - fetched current named.root and dnszone-schema.txt from upstream.
    - named.root: D has ipv6 record now
* Mon Jul 30 2012 ug@suse.de
  - Bad-cache data could be used before it was
    initialized, causing an assert.
    CVE-2012-3817
    bnc#772945
  - Change #3314 broke saving of stub zones to disk
    resulting in excessive cpu usage in some cases.
  - 9.7.6-P2
* Tue Jul 03 2012 ug@suse.de
  - VUL-1: deleted domain name resolving flaw
    CVE-2012-1033
    bnc#746074
  - more than 40 other bugs fixed (see CHANGES for details)
  - 9.7.6-P1
* Mon Jun 04 2012 ug@suse.de
  - VUL-0: bind remote DoS via zero length rdata field
    CVE-2012-1667
    bnc#765315
* Thu Nov 17 2011 ug@suse.de
  - Cache lookup could return RRSIG data associated with nonexistent
    records, leading to an assertion failure. (bnc#730995)
    CVE-2011-4313
* Tue Jul 05 2011 ug@suse.de
  - Change #2912 (see CHANGES) exposed a latent bug in the DNS message
    processing code that could allow certain UPDATE requests to crash
    named. This was fixed by disambiguating internal database
    representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]
    (bnc#703907)
* Tue May 31 2011 meissner@suse.de
  - Security update to 9.7.3-P1
    - fixed a denial of service in RRSIG (CVE-2011-1910 / bnc#696585)
  - Updated named.root from internic
* Thu Feb 24 2011 ug@suse.de
  - fixed security issue
    VUL-0: bind: IXFR or DDNS update combined with high query rate
    DoS vulnerability (CVE-2011-0414 bnc#674431)
  - version to 9.7.3
* Wed Jan 05 2011 meissner@suse.de
  - ifdef the sysvinit specific prereqs for openSUSE 11.4 and later
* Thu Dec 09 2010 mvyskocil@suse.cz
  - fix bnc#656509 - direct mount of /proc in chroot
* Tue Dec 07 2010 coolo@novell.com
  - prereq init scripts syslog and network
* Thu Dec 02 2010 ug@suse.de
  - fixed VUL-0: bind: Key algorithm rollover bug
    bnc#657102, CVE-2010-3614
  - fixed VUL-0: bind: allow-query processed incorrectly
    bnc#657120, CVE-2010-3615
  - fixed VUL-0: bind: cache incorrectly allows a ncache entry and a rrsig for the same type
    bnc#657129, CVE-2010-3613
* Tue Nov 23 2010 ug@suse.de
  - fixed return code of "rcnamed status"
  - added gssapi support
* Tue Oct 12 2010 ug@suse.de
  - Zones may be dynamically added and removed with the "rndc addzone"
    and "rndc delzone" commands. These dynamically added zones are
    written to a per-view configuration file. Do not rely on the
    configuration file name nor contents as this will change in a
    future release. This is an experimental feature at this time.
  - Added new "filter-aaaa-on-v4" access control list to select which
    IPv4 clients have AAAA record filtering applied.
  - A new command "rndc secroots" was added to dump a combined summary
    of the currently managed keys combined with statically configured
    trust anchors.
  - Added support to load new keys into managed zones without signing
    immediately with "rndc loadkeys". Added support to link keys with
    "dnssec-keygen -S" and "dnssec-settime -S".
  - Documentation improvements
  - ORCHID prefixes were removed from the automatic empty zone list.
  - Improved handling of GSSAPI security contexts. Specifically, better
    memory management of cached contexts, limited lifetime of a context
    to 1 hour, and added a "realm" command to nsupdate to allow
    selection of a non-default realm name.
  - The contributed tool "ztk" was updated to version 1.0.
  - version 9.7.1 to 9.7.2-P2
* Mon Jul 26 2010 ug@suse.de
  - chrooted bind failed to start (bnc#625019)
* Mon Jun 21 2010 ug@suse.de
  - genrandom: add support for the generation of multiple
    files.
  - Update empty-zones list to match
    draft-ietf-dnsop-default-local-zones-13.
  - Incrementally write the master file after performing
    a AXFR.
  - Add AAAA address for L.ROOT-SERVERS.NET.
  - around 50 bugs fixed (see CHANGELOG for details)
  - version 9.7.1
* Thu May 20 2010 ug@suse.de
  - Handle broken DNSSEC trust chains better. [RT #15619]
  - Named could return SERVFAIL for negative responses
    from unsigned zones. [RT #21131
  - version 9.7.0-P2
* Sat May 01 2010 aj@suse.de
  - Handle /var/run on tmpfs.
  - do not use run_ldconfig.
* Wed Feb 24 2010 jengelh@medozas.de
  - Enable DLZ-LDAP (supersedes sdb_ldap) and add a patch
* Wed Feb 17 2010 ug@suse.de
  - Fully automatic signing of zones by "named".
  - Simplified configuration of DNSSEC Lookaside Validation (DLV).
  - Simplified configuration of Dynamic DNS, using the "ddns-confgen"
    command line tool or the "local" update-policy option.  (As a side
    effect, this also makes it easier to configure automatic zone
    re-signing.)
  - New named option "attach-cache" that allows multiple views to
    share a single cache.
  - DNS rebinding attack prevention.
  - New default values for dnssec-keygen parameters.
  - Support for RFC 5011 automated trust anchor maintenance
  - Smart signing: simplified tools for zone signing and key
    maintenance.
  - The "statistics-channels" option is now available on Windows.
  - A new DNSSEC-aware libdns API for use by non-BIND9 applications
  - On some platforms, named and other binaries can now print out
    a stack backtrace on assertion failure, to aid in debugging.
  - A "tools only" installation mode on Windows, which only installs
    dig, host, nslookup and nsupdate.
  - Improved PKCS#11 support, including Keyper support and explicit
    OpenSSL engine selection.
  - version 9.7.0
* Wed Jan 20 2010 ug@suse.de
  - [security]  Do not attempt to validate or cache
      out-of-bailiwick data returned with a secure
      answer; it must be re-fetched from its original
      source and validated in that context. [RT #20819]
  - [security]  Cached CNAME or DNAME RR could be returned to clients
      without DNSSEC validation. [RT #20737]
  - [security]  Bogus NXDOMAIN could be cached as if valid. [RT #20712]
  - version 9.6.1-P3
* Mon Jan 04 2010 ug@suse.de
  - removed the syntax check for include files (bnc#567593)
* Tue Dec 15 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - enable parallel building
  - add baselibs for SPARC
  - package documentation as noarch
* Wed Nov 25 2009 ug@suse.de
  - Security fix
    When validating, track whether pending data was from
    the additional section or not and only return it if
    validates as secure. [RT #20438]
    CVE-2009-4022
    bnc#558260
  - update from P1 to P2
* Fri Nov 20 2009 ug@suse.de
  - added localhost for ipv6 to default config (bnc#539529)
* Wed Nov 18 2009 ug@suse.de
  - fixed apparmor profile (bnc#544181)
* Tue Nov 03 2009 coolo@novell.com
  - updated patches to apply with fuzz=0
* Wed Sep 30 2009 ug@suse.de
  - using start_daemon instead of startproc (bnc#539532)
* Mon Aug 10 2009 ug@suse.de
  - version update to 9.6.1-P1
    (security fix CVE-2009-0696)
    bnc#526185
* Tue Jun 30 2009 ug@suse.de
  - enabled MySQL DLZ (Dynamically Loadable Zones)
* Tue Jun 16 2009 ug@suse.de
  - around 50 bugfixes against 9.6.0p1
    See changelog for details
  - version 9.6.1
* Thu Apr 09 2009 ug@suse.de
  - not all include files were copied into chroot (bnc#466800)
* Tue Mar 03 2009 ug@suse.de
  - /etc/named.conf does not include /etc/named.d/forwarders.conf
    by default (bnc#480334)

Files

/etc/bind.keys
/etc/idn.conf
/etc/idnalias.conf
/etc/named.d
/etc/named.d/rndc-access.conf
/etc/openldap
/etc/openldap/schema
/etc/openldap/schema/dlz.schema
/etc/openldap/schema/dnszone.schema
/usr/bin/dig
/usr/bin/genDDNSkey
/usr/bin/host
/usr/bin/idnconv
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/runidn
/usr/sbin/arpaname
/usr/sbin/ddns-confgen
/usr/sbin/dnssec-dsfromkey
/usr/sbin/dnssec-keyfromlabel
/usr/sbin/dnssec-revoke
/usr/sbin/dnssec-settime
/usr/sbin/genrandom
/usr/sbin/isc-hmac-fixup
/usr/sbin/named-journalprint
/usr/sbin/nsec3hash
/usr/sbin/rndc
/usr/sbin/rndc-confgen
/usr/share/doc/packages/bind
/usr/share/doc/packages/bind/README.SUSE
/usr/share/idnkit
/usr/share/idnkit/jp.map
/usr/share/man/man1/arpaname.1.gz
/usr/share/man/man1/dig.1.gz
/usr/share/man/man1/host.1.gz
/usr/share/man/man1/idnconv.1.gz
/usr/share/man/man1/isc-config.sh.1.gz
/usr/share/man/man1/nslookup.1.gz
/usr/share/man/man1/nsupdate.1.gz
/usr/share/man/man1/runidn.1.gz
/usr/share/man/man5/idn.conf.5.gz
/usr/share/man/man5/idnalias.conf.5.gz
/usr/share/man/man5/idnrc.5.gz
/usr/share/man/man5/rndc.conf.5.gz
/usr/share/man/man8/ddns-confgen.8.gz
/usr/share/man/man8/dnssec-revoke.8.gz
/usr/share/man/man8/dnssec-settime.8.gz
/usr/share/man/man8/genrandom.8.gz
/usr/share/man/man8/isc-hmac-fixup.8.gz
/usr/share/man/man8/named-journalprint.8.gz
/usr/share/man/man8/nsec3hash.8.gz
/usr/share/man/man8/rndc-confgen.8.gz
/usr/share/man/man8/rndc.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon May 20 05:28:07 2013