FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Please give me your LTO-4 or better tape library and I'll put it to good use.
Port details
bind910 BIND DNS suite with updated DNSSEC and DNS64
9.10.2_1 dns on this many watch lists=12 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: mat@FreeBSD.org search for ports maintained by this maintainer
Port Added: 10 Apr 2014 16:01:46
Also Listed In: net ipv6
License: ISCL
BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND
architecture.  Some of the important features of BIND 9 are:

DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests)
IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA)
     Experimental IPv6 Resolver Library
DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0
     Improved standards conformance
Views: One server process can provide multiple "views" of the DNS namespace,
     e.g. an "inside" view to certain clients, and an "outside" view to others.
Multiprocessor Support

See the CHANGES file for more information on new features.

WWW: https://www.isc.org/software/bind
SVNWeb : Homepage : Distfiles Availability : PortsMon
Slave ports
  1. dns/bind-tools

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. libcrypto.so.8 : security/openssl
Runtime dependencies:
  1. libcrypto.so.8 : security/openssl
Library dependencies:
  1. libxml2.so : textproc/libxml2
  2. libidnkit.so : dns/idnkit
  3. libiconv.so : converters/libiconv

This port is required by:

for Build * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

To install the port: cd /usr/ports/dns/bind910/ && make install clean
To add the package: pkg install dns/bind910


Configuration Options
===> The following configuration options are available for bind910-9.10.2_1:
     DOCS=on: Build and/or install documentation
     FILTER_AAAA=off: Enable filtering of AAAA records
     FIXED_RRSET=off: Enable fixed rrset ordering
     GEOIP=off: Allow geographically based ACL.
     GOST=off: Enable GOST ciphers, needs SSL (see help)
     IDN=on: International Domain Names support
     IPV6=on: IPv6 protocol support
     LARGE_FILE=off: 64-bit file support
     LINKS=off: Create conf file symlinks in /usr/local
     NEWSTATS=off: Enable alternate xml statistics channel format
     PYTHON=off: Build with Python utilities
     RPZ_NSDNAME=off: Enable RPZ NSDNAME policy records
     RPZ_NSIP=off: Enable RPZ NSIP trigger rules
     RRL=on: Response Rate Limiting
     SIGCHASE=on: dig/host/nslookup will do DNSSEC validation
     THREADS=on: Threading support
====> Dynamically Loadable Zones
     DLZ_POSTGRESQL=off: DLZ Postgres driver
     DLZ_MYSQL=off: DLZ MySQL driver (no threading)
     DLZ_BDB=off: DLZ BDB driver
     DLZ_LDAP=off: DLZ LDAP driver
     DLZ_FILESYSTEM=off: DLZ filesystem driver
     DLZ_STUB=off: DLZ stub driver
====> GSSAPI Security API support: you have to select exactly one of them
     GSSAPI_BASE=off: GSSAPI Security API support (Heimdal in base)
     GSSAPI_HEIMDAL=off: GSSAPI Security API support (security/heimdal)
     GSSAPI_MIT=off: GSSAPI Security API support (security/krb5)
     GSSAPI_NONE=on: No GSSAPI Security API support
====> Choose which crypto engine to use: you can only select none or one of them
     SSL=on: Build with OpenSSL (Required for DNSSEC)
     NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**)
===> Use 'make config' to modify these settings

USES:
cpe iconv

Master Sites:
  1. ftp://ftp.ciril.fr/pub/isc/bind9/9.10.2/
  2. ftp://ftp.dti.ad.jp/pub/net/isc/bind9/9.10.2/
  3. ftp://ftp.freenet.de/pub/ftp.isc.org/isc/bind9/9.10.2/
  4. ftp://ftp.funet.fi/pub/mirrors/ftp.isc.org/isc/bind9/9.10.2/
  5. ftp://ftp.iij.ad.jp/pub/network/isc/bind9/9.10.2/
  6. ftp://ftp.isc.org/isc/bind9/9.10.2/
  7. ftp://ftp.mirrorservice.org/sites/ftp.isc.org/isc/bind9/9.10.2/
  8. ftp://ftp.nominum.com/pub/isc/bind9/9.10.2/
  9. ftp://ftp.ntua.gr/pub/net/isc/isc/bind9/9.10.2/
  10. ftp://ftp.ripe.net/mirrors/sites/ftp.isc.org/isc/bind9/9.10.2/
  11. ftp://ftp.sunet.se/pub/network/isc/bind9/9.10.2/
  12. ftp://ftp.task.gda.pl/mirror/ftp.isc.org/isc/bind9/9.10.2/
  13. ftp://ftp.u-aizu.ac.jp/pub/net/isc/bind9/9.10.2/
  14. http://distcache.FreeBSD.org/ports-distfiles/
  15. http://ftp.isc.org/isc/bind9/9.10.2/

Number of commits found: 36

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
24 Mar 2015 15:22:51
Original commit files touched by this commit  9.10.2_1
Revision:382109
mat search for other commits by this committer
Add chroot back to BIND's startup script.

Differential Revision:	https://reviews.freebsd.org/D1952
Sponsored by:	Absolight
26 Feb 2015 02:03:15
Original commit files touched by this commit  9.10.2
Revision:379978
mat search for other commits by this committer
Update dns/bind99 to 9.9.7 and dns/bind910 to 9.10.2.

On 8 and 9, use the same configuration path than on 10+, ${PREFIX}/etc/namedb/.

Sponsored by:	Absolight
18 Feb 2015 22:37:54
Original commit files touched by this commit  9.10.1P2
Revision:379326
mat search for other commits by this committer
Update BIND 9.9 and 9.10 to the latest security patch.

Sponsored by:	Absolight
18 Feb 2015 21:56:09
Original commit files touched by this commit  9.10.1P1_2
Revision:379318 This port version is marked as vulnerable.
mat search for other commits by this committer
Add a patch for CVE-2015-1349 while I work on updating both ports to the new
version.

Security:	CVE-2015-1349
Sponsored by:	Absolight
08 Jan 2015 15:22:49
Original commit files touched by this commit  9.10.1P1_1
Revision:376540 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix a few problems bind-tools by not overwritting what's defined in it in
bind910's Makefile.

Sponsored by:	Absolight
06 Jan 2015 15:01:18
Original commit files touched by this commit  9.10.1P1_1
Revision:376428 This port version is marked as vulnerable.
mat search for other commits by this committer
Add a note about running the right BIND daemon on 8 and 9.

Sponsored by:	Absolight
05 Jan 2015 17:44:12
Original commit files touched by this commit  9.10.1P1
Revision:376329 This port version is marked as vulnerable.
mat search for other commits by this committer
Retire REPLACE_BASE option.

While there, reduce changes from bind99 and bind910 ports.

Sponsored by:	Absolight
08 Dec 2014 17:29:44
Original commit files touched by this commit  9.10.1P1
Revision:374305 This port version is marked as vulnerable.
mat search for other commits by this committer
Security update of BIND9 to 9.9.6-P1 and 9.10.1-P1.

Security:	CVE-2014-8500 CVE-2014-8680
Sponsored by:	Absolight
24 Nov 2014 17:41:10
Original commit files touched by this commit  9.10.1_1
Revision:373227 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix three ports forgotten by the USE_PGSQL removal.  (Fix a typo in devel/upp.)

Sponsored by:	Absolight
18 Nov 2014 23:17:41
Original commit files touched by this commit  9.10.1_1
Revision:372752 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix bind-tools PORTREVISION.

Noticed by:	Andrei Brezan
Sponsored by:	Absolight
17 Nov 2014 17:51:52
Original commit files touched by this commit  9.10.1_1
Revision:372675 This port version is marked as vulnerable.
mat search for other commits by this committer
Install the bind.keys file with the root and dlv.isc.org keys.

Sponsored by:	Absolight
22 Oct 2014 15:08:58
Original commit files touched by this commit  9.10.1
Revision:371360 This port version is marked as vulnerable.
mat search for other commits by this committer
Don't install named rc script with bind-tools.

Sponsored by:	Absolight
23 Sep 2014 11:32:52
Original commit files touched by this commit  9.10.1
Revision:369044 This port version is marked as vulnerable.
mat search for other commits by this committer
And gmake is no longer needed.

Sponsored by:	Absolight
23 Sep 2014 11:22:41
Original commit files touched by this commit  9.10.1
Revision:369042 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.10.1.

Sponsored by:	Absolight
17 Sep 2014 11:58:40
Original commit files touched by this commit  9.10.0P2_5
Revision:368367 This port version is marked as vulnerable.
mat search for other commits by this committer
Update pkg-descr, this 9.10, not 9.9.

Sponsored by:	Absolight
07 Sep 2014 10:24:59
Original commit files touched by this commit  9.10.0P2_5
Revision:367505 This port version is marked as vulnerable.
mat search for other commits by this committer
configure no longer has problems detecting our arch like it had in bind95's
time, so remove ARCH modification, which leads to other problems, like [1]

PR:		193359 [1]
Submitted by:	dinoex [1]
Sponsored by:	Absolight
11 Aug 2014 17:05:50
Original commit files touched by this commit  9.10.0P2_5
Revision:364628 This port version is marked as vulnerable.
adamw search for other commits by this committer
Bump PORTREVISION on all ports that depend on net/GeoIP for
r364627.

Approved by:	portmgr (not really, but touches unstaged ports)
24 Jul 2014 18:34:16
Original commit files touched by this commit  9.10.0P2_4
Revision:362835 This port version is marked as vulnerable.
tijl search for other commits by this committer
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
(Only the first 15 lines of the commit message are shown above View all of this commit message)
11 Jul 2014 15:38:42
Original commit files touched by this commit  9.10.0P2_3
Revision:361553 This port version is marked as vulnerable.
mat search for other commits by this committer
And it's supposed to be lower case.

Sponsored by:	Absolight
11 Jul 2014 15:28:13
Original commit files touched by this commit  9.10.0P2_3
Revision:361548 This port version is marked as vulnerable.
mat search for other commits by this committer
Add CPE to BIND9.

Sponsored by:	Absolight
24 Jun 2014 15:15:33
Original commit files touched by this commit  9.10.0P2_3
Revision:359094 This port version is marked as vulnerable.
mat search for other commits by this committer
Add a PYTHON option to bind99 and bind910, it installs a couple of dnssec
related utilities.
Use bind's own Makefiles for installation in bind-tools.

Sponsored by:	Absolight
18 Jun 2014 12:23:28
Original commit files touched by this commit  9.10.0P2_2
Revision:358262 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix dns/bind-tools after the gssapi update.

Also, move it from BIND 9.9 to 9.10, and add delv and nsupdate.

Sponsored by:	Absolight
17 Jun 2014 17:16:33
Original commit files touched by this commit  9.10.0P2_2
Revision:358151 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove test bits.

Pointy hat to:	mat
Sponsored by:	Absolight
17 Jun 2014 15:01:25
Refresh Original commit files touched by this commit
Revision:358127
mat search for other commits by this committer
Convert dns/bind9* to USES=gssapi.

Sponsored by:	Absolight
12 Jun 2014 14:20:59
Original commit files touched by this commit  9.10.0P2
Revision:357599 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.10.0-P2

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-June/000914.html
Security:	CVE-2014-3859
Sponsored by:	Absolight
06 Jun 2014 10:59:46
Original commit files touched by this commit  9.10.0.1_3
Revision:356762 This port version is marked as vulnerable.
mat search for other commits by this committer
Don't install rndc.conf

It is generated by the rc script during the first startup.  And if
the file is present, it messes up the rndc.key generation.

Poked by:	Alain Audebert
Sponsored by:	Absolight
17 May 2014 21:30:25
Original commit files touched by this commit  9.10.0.1_2
Revision:354375 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix build with GOST (on 10, base OpenSSL doesn't have it)
Make sure OpenSSL from ports is used < 10.

Sponsored by:	Absolight
14 May 2014 23:59:14
Original commit files touched by this commit  9.10.0.1_1
Revision:354095 This port version is marked as vulnerable.
mat search for other commits by this committer
Make GOST in BIND 9.* optional

Test Plan: Currently testing in poudriere

Differential Revision: https://phabric.freebsd.org/D12
08 May 2014 21:48:08
Original commit files touched by this commit  9.10.0.1
Revision:353356 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.10.0-P1.

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-May/000909.html
Security:	CVE-2014-3214
Sponsored by:	Absolight
02 May 2014 11:51:18
Original commit files touched by this commit  9.10.0
Revision:352807 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.10.0

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-May/000908.html
Relnotes:	yes (if applicable to ports)
Sponsored by:	Absolight
28 Apr 2014 15:42:06
Original commit files touched by this commit  9.10.0rc2
Revision:352512 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.10.0.rc2

- Remove REPLACE_BASE option, I should have done so when adding 9.10.0.rc1
- Clean the Makefile a bit

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-April/000907.html
Sponsored by:	Absolight
17 Apr 2014 16:43:49
Original commit files touched by this commit  9.10.0rc1_3
Revision:351487 This port version is marked as vulnerable.
mat search for other commits by this committer
Fix the rc script reload command.

Noticed by:	David Samms
Sponsored by:	Absolight
16 Apr 2014 19:03:11
Original commit files touched by this commit  9.10.0rc1_2
Revision:351412 This port version is marked as vulnerable.
zeising search for other commits by this committer
Bump portrevision for shlib change in libxml2

Approved by:	portmgr (bdrewery, implicit)
12 Apr 2014 19:23:10
Original commit files touched by this commit  9.10.0rc1_1
Revision:351124 This port version is marked as vulnerable.
mat search for other commits by this committer
Use @sample for my port, cleanup an etc/PORTNAME into ETCDIR.

Sponsored by:	Absolight
10 Apr 2014 20:43:50
Original commit files touched by this commit  9.10.0rc1_1
Revision:350848 This port version is marked as vulnerable.
mat search for other commits by this committer
Two changes to the RC script
- Add a dependency on ldconfig
- Allow people to change the pidfile

PR:		188439
Submitted by:	Oliver Lehmann
Sponsored by:	Absolight
10 Apr 2014 16:01:28
Original commit files touched by this commit  9.10.0rc1
Revision:350819 This port version is marked as vulnerable.
mat search for other commits by this committer
Introduce BIND 9.10.0rc1

BIND 9.10 includes a number of changes from earlier releases, including:
- DNS Response-rate limiting (DNS RRL)
- A new "prefetch" option can improve recursive resolver performance
- ACLs can now be specified based on geographic location using the
  MaxMind GeoIP databases.
- A new compile-time option, NATIVE_PKCS11 allows the BIND 9
  cryptography functions to use the PKCS#11 API natively.

                               *NOTE*
          This is a release candidate, it may contain bugs.
                               *NOTE*

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-April/000906.html
Sponsored by:	Absolight

Number of commits found: 36

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
cross-binutilsMar 24
jenkinsMar 24
jenkins-ltsMar 24
libressl*Mar 24
linux-c6-openssl*Mar 24
mingw32-openssl*Mar 24
mingw64-binutilsMar 24
openssl*Mar 24
firefoxMar 22
firefox-esrMar 22
libxulMar 22
linux-firefoxMar 22
linux-seamonkeyMar 22
seamonkeyMar 22
sympaMar 13

5 vulnerabilities affecting 24 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24719
Broken 100
Deprecated 143
Ignore 389
Forbidden 3
Restricted 203
No CDROM 94
Vulnerable 21
Expired 1
Set to expire 136
Interactive 0
new 24 hours 12
new 48 hours17
new 7 days32
new fortnight43
new month122

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.