notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Port details
bind911 BIND DNS suite with updated DNSSEC and DNS64
9.11.7 dns on this many watch lists=12 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
9.11.6P1Version of this port present on the latest quarterly branch.
Maintainer: mat@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2016-07-04 09:47:39
Last Update: 2019-06-03 13:43:27
SVN Revision: 503380
Also Listed In: net ipv6
License: MPL20
BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND
architecture.  Some of the important features of BIND 9 are:

DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests)
IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA)
     Experimental IPv6 Resolver Library
DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0
     Improved standards conformance
Views: One server process can provide multiple "views" of the DNS namespace,
     e.g. an "inside" view to certain clients, and an "outside" view to others.
Multiprocessor Support

See the CHANGES file for more information on new features.

WWW: https://www.isc.org/downloads/bind/
SVNWeb : Homepage
    Pseudo-pkg-plist information, but much better, from make generate-plist
    Expand this list (402 items)
  1. /usr/local/share/licenses/bind911-9.11.7/catalog.mk
  2. /usr/local/share/licenses/bind911-9.11.7/LICENSE
  3. /usr/local/share/licenses/bind911-9.11.7/MPL20
  4. bin/bind9-config
  5. @comment bin/dnstap-read
  6. bin/isc-config.sh
  7. @sample etc/mtree/BIND.chroot.dist.sample
  8. @sample etc/mtree/BIND.chroot.local.dist.sample
  9. etc/namedb/bind.keys
  10. etc/namedb/master/empty.db
  11. etc/namedb/master/localhost-forward.db
  12. etc/namedb/master/localhost-reverse.db
  13. @sample etc/namedb/named.conf.sample
  14. etc/namedb/named.root
  15. etc/namedb/rndc.conf.sample
  16. include/bind9/check.h
  17. include/bind9/getaddresses.h
  18. include/bind9/version.h
  19. include/dns/acache.h
  20. include/dns/acl.h
  21. include/dns/adb.h
  22. include/dns/badcache.h
  23. include/dns/bit.h
  24. include/dns/byaddr.h
  25. include/dns/cache.h
  26. include/dns/callbacks.h
  27. include/dns/catz.h
  28. include/dns/cert.h
  29. include/dns/client.h
  30. include/dns/clientinfo.h
  31. include/dns/compress.h
  32. include/dns/db.h
  33. include/dns/dbiterator.h
  34. include/dns/dbtable.h
  35. include/dns/diff.h
  36. include/dns/dispatch.h
  37. include/dns/dlz.h
  38. include/dns/dlz_dlopen.h
  39. include/dns/dns64.h
  40. include/dns/dnssec.h
  41. include/dns/dnstap.h
  42. include/dns/ds.h
  43. include/dns/dsdigest.h
  44. include/dns/dyndb.h
  45. include/dns/ecdb.h
  46. include/dns/edns.h
  47. include/dns/enumclass.h
  48. include/dns/enumtype.h
  49. include/dns/events.h
  50. include/dns/fixedname.h
  51. include/dns/forward.h
  52. include/dns/geoip.h
  53. include/dns/ipkeylist.h
  54. include/dns/iptable.h
  55. include/dns/journal.h
  56. include/dns/keydata.h
  57. include/dns/keyflags.h
  58. include/dns/keytable.h
  59. include/dns/keyvalues.h
  60. include/dns/lib.h
  61. include/dns/log.h
  62. include/dns/lookup.h
  63. include/dns/master.h
  64. include/dns/masterdump.h
  65. include/dns/message.h
  66. include/dns/name.h
  67. include/dns/ncache.h
  68. include/dns/nsec.h
  69. include/dns/nsec3.h
  70. include/dns/nta.h
  71. include/dns/opcode.h
  72. include/dns/order.h
  73. include/dns/peer.h
  74. include/dns/portlist.h
  75. include/dns/private.h
  76. include/dns/rbt.h
  77. include/dns/rcode.h
  78. include/dns/rdata.h
  79. include/dns/rdataclass.h
  80. include/dns/rdatalist.h
  81. include/dns/rdataset.h
  82. include/dns/rdatasetiter.h
  83. include/dns/rdataslab.h
  84. include/dns/rdatastruct.h
  85. include/dns/rdatatype.h
  86. include/dns/request.h
  87. include/dns/resolver.h
  88. include/dns/result.h
  89. include/dns/rootns.h
  90. include/dns/rpz.h
  91. include/dns/rriterator.h
  92. include/dns/rrl.h
  93. include/dns/sdb.h
  94. include/dns/sdlz.h
  95. include/dns/secalg.h
  96. include/dns/secproto.h
  97. include/dns/soa.h
  98. include/dns/ssu.h
  99. include/dns/stats.h
  100. include/dns/tcpmsg.h
  101. include/dns/time.h
  102. include/dns/timer.h
  103. include/dns/tkey.h
  104. include/dns/tsec.h
  105. include/dns/tsig.h
  106. include/dns/ttl.h
  107. include/dns/types.h
  108. include/dns/update.h
  109. include/dns/validator.h
  110. include/dns/version.h
  111. include/dns/view.h
  112. include/dns/xfrin.h
  113. include/dns/zone.h
  114. include/dns/zonekey.h
  115. include/dns/zt.h
  116. include/dst/dst.h
  117. include/dst/gssapi.h
  118. include/dst/lib.h
  119. include/dst/result.h
  120. include/irs/context.h
  121. include/irs/dnsconf.h
  122. include/irs/netdb.h
  123. include/irs/platform.h
  124. include/irs/resconf.h
  125. include/irs/types.h
  126. include/irs/version.h
  127. include/isc/aes.h
  128. include/isc/app.h
  129. include/isc/assertions.h
  130. include/isc/atomic.h
  131. include/isc/backtrace.h
  132. include/isc/base32.h
  133. include/isc/base64.h
  134. include/isc/bind9.h
  135. include/isc/boolean.h
  136. include/isc/buffer.h
  137. include/isc/bufferlist.h
  138. include/isc/commandline.h
  139. include/isc/condition.h
  140. include/isc/counter.h
  141. include/isc/crc64.h
  142. include/isc/deprecated.h
  143. include/isc/dir.h
  144. include/isc/entropy.h
  145. include/isc/errno.h
  146. include/isc/error.h
  147. include/isc/event.h
  148. include/isc/eventclass.h
  149. include/isc/file.h
  150. include/isc/formatcheck.h
  151. include/isc/fsaccess.h
  152. include/isc/hash.h
  153. include/isc/heap.h
  154. include/isc/hex.h
  155. include/isc/hmacmd5.h
  156. include/isc/hmacsha.h
  157. include/isc/ht.h
  158. include/isc/httpd.h
  159. include/isc/int.h
  160. include/isc/interfaceiter.h
  161. include/isc/iterated_hash.h
  162. include/isc/json.h
  163. include/isc/keyboard.h
  164. include/isc/lang.h
  165. include/isc/lex.h
  166. include/isc/lfsr.h
  167. include/isc/lib.h
  168. include/isc/likely.h
  169. include/isc/list.h
  170. include/isc/log.h
  171. include/isc/magic.h
  172. include/isc/md5.h
  173. include/isc/mem.h
  174. include/isc/meminfo.h
  175. include/isc/msgcat.h
  176. include/isc/msgs.h
  177. include/isc/mutex.h
  178. include/isc/mutexblock.h
  179. include/isc/net.h
  180. include/isc/netaddr.h
  181. include/isc/netdb.h
  182. include/isc/netscope.h
  183. include/isc/offset.h
  184. include/isc/once.h
  185. include/isc/ondestroy.h
  186. include/isc/os.h
  187. include/isc/parseint.h
  188. include/isc/platform.h
  189. include/isc/pool.h
  190. include/isc/portset.h
  191. include/isc/print.h
  192. include/isc/queue.h
  193. include/isc/quota.h
  194. include/isc/radix.h
  195. include/isc/random.h
  196. include/isc/ratelimiter.h
  197. include/isc/refcount.h
  198. include/isc/regex.h
  199. include/isc/region.h
  200. include/isc/resource.h
  201. include/isc/result.h
  202. include/isc/resultclass.h
  203. include/isc/rwlock.h
  204. include/isc/safe.h
  205. include/isc/serial.h
  206. include/isc/sha1.h
  207. include/isc/sha2.h
  208. include/isc/sockaddr.h
  209. include/isc/socket.h
  210. include/isc/stat.h
  211. include/isc/stats.h
  212. include/isc/stdio.h
  213. include/isc/stdlib.h
  214. include/isc/stdtime.h
  215. include/isc/strerror.h
  216. include/isc/string.h
  217. include/isc/symtab.h
  218. include/isc/syslog.h
  219. include/isc/task.h
  220. include/isc/taskpool.h
  221. include/isc/thread.h
  222. include/isc/time.h
  223. include/isc/timer.h
  224. include/isc/tm.h
  225. include/isc/types.h
  226. include/isc/util.h
  227. include/isc/version.h
  228. include/isc/xml.h
  229. include/isccc/alist.h
  230. include/isccc/base64.h
  231. include/isccc/cc.h
  232. include/isccc/ccmsg.h
  233. include/isccc/events.h
  234. include/isccc/lib.h
  235. include/isccc/result.h
  236. include/isccc/sexpr.h
  237. include/isccc/symtab.h
  238. include/isccc/symtype.h
  239. include/isccc/types.h
  240. include/isccc/util.h
  241. include/isccc/version.h
  242. include/isccfg/aclconf.h
  243. include/isccfg/cfg.h
  244. include/isccfg/dnsconf.h
  245. include/isccfg/grammar.h
  246. include/isccfg/log.h
  247. include/isccfg/namedconf.h
  248. include/isccfg/version.h
  249. include/lwres/context.h
  250. include/lwres/int.h
  251. include/lwres/ipv6.h
  252. include/lwres/lang.h
  253. include/lwres/list.h
  254. include/lwres/lwbuffer.h
  255. include/lwres/lwpacket.h
  256. include/lwres/lwres.h
  257. include/lwres/net.h
  258. include/lwres/netdb.h
  259. include/lwres/platform.h
  260. include/lwres/result.h
  261. include/lwres/stdlib.h
  262. include/lwres/string.h
  263. include/lwres/version.h
  264. include/pk11/constants.h
  265. include/pk11/internal.h
  266. include/pk11/pk11.h
  267. include/pk11/result.h
  268. include/pk11/site.h
  269. include/pkcs11/cryptoki.h
  270. include/pkcs11/eddsa.h
  271. include/pkcs11/pkcs11.h
  272. include/pkcs11/pkcs11f.h
  273. include/pkcs11/pkcs11t.h
  274. lib/libbind9.a
  275. lib/libdns.a
  276. lib/libirs.a
  277. lib/libisc.a
  278. lib/libisccc.a
  279. lib/libisccfg.a
  280. lib/liblwres.a
  281. man/man1/bind9-config.1.gz
  282. @comment man/man1/dnstap-read.1.gz
  283. man/man1/isc-config.sh.1.gz
  284. man/man3/lwres.3.gz
  285. man/man3/lwres_addr_parse.3.gz
  286. man/man3/lwres_buffer.3.gz
  287. man/man3/lwres_buffer_add.3.gz
  288. man/man3/lwres_buffer_back.3.gz
  289. man/man3/lwres_buffer_clear.3.gz
  290. man/man3/lwres_buffer_first.3.gz
  291. man/man3/lwres_buffer_forward.3.gz
  292. man/man3/lwres_buffer_getmem.3.gz
  293. man/man3/lwres_buffer_getuint16.3.gz
  294. man/man3/lwres_buffer_getuint32.3.gz
  295. man/man3/lwres_buffer_getuint8.3.gz
  296. man/man3/lwres_buffer_init.3.gz
  297. man/man3/lwres_buffer_invalidate.3.gz
  298. man/man3/lwres_buffer_putmem.3.gz
  299. man/man3/lwres_buffer_putuint16.3.gz
  300. man/man3/lwres_buffer_putuint32.3.gz
  301. man/man3/lwres_buffer_putuint8.3.gz
  302. man/man3/lwres_buffer_subtract.3.gz
  303. man/man3/lwres_conf_clear.3.gz
  304. man/man3/lwres_conf_get.3.gz
  305. man/man3/lwres_conf_init.3.gz
  306. man/man3/lwres_conf_parse.3.gz
  307. man/man3/lwres_conf_print.3.gz
  308. man/man3/lwres_config.3.gz
  309. man/man3/lwres_context.3.gz
  310. man/man3/lwres_context_allocmem.3.gz
  311. man/man3/lwres_context_create.3.gz
  312. man/man3/lwres_context_destroy.3.gz
  313. man/man3/lwres_context_freemem.3.gz
  314. man/man3/lwres_context_initserial.3.gz
  315. man/man3/lwres_context_nextserial.3.gz
  316. man/man3/lwres_context_sendrecv.3.gz
  317. man/man3/lwres_endhostent.3.gz
  318. man/man3/lwres_endhostent_r.3.gz
  319. man/man3/lwres_freeaddrinfo.3.gz
  320. man/man3/lwres_freehostent.3.gz
  321. man/man3/lwres_gabn.3.gz
  322. man/man3/lwres_gabnrequest_free.3.gz
  323. man/man3/lwres_gabnrequest_parse.3.gz
  324. man/man3/lwres_gabnrequest_render.3.gz
  325. man/man3/lwres_gabnresponse_free.3.gz
  326. man/man3/lwres_gabnresponse_parse.3.gz
  327. man/man3/lwres_gabnresponse_render.3.gz
  328. man/man3/lwres_gai_strerror.3.gz
  329. man/man3/lwres_getaddrinfo.3.gz
  330. man/man3/lwres_getaddrsbyname.3.gz
  331. man/man3/lwres_gethostbyaddr.3.gz
  332. man/man3/lwres_gethostbyaddr_r.3.gz
  333. man/man3/lwres_gethostbyname.3.gz
  334. man/man3/lwres_gethostbyname2.3.gz
  335. man/man3/lwres_gethostbyname_r.3.gz
  336. man/man3/lwres_gethostent.3.gz
  337. man/man3/lwres_gethostent_r.3.gz
  338. man/man3/lwres_getipnode.3.gz
  339. man/man3/lwres_getipnodebyaddr.3.gz
  340. man/man3/lwres_getipnodebyname.3.gz
  341. man/man3/lwres_getnamebyaddr.3.gz
  342. man/man3/lwres_getnameinfo.3.gz
  343. man/man3/lwres_getrrsetbyname.3.gz
  344. man/man3/lwres_gnba.3.gz
  345. man/man3/lwres_gnbarequest_free.3.gz
  346. man/man3/lwres_gnbarequest_parse.3.gz
  347. man/man3/lwres_gnbarequest_render.3.gz
  348. man/man3/lwres_gnbaresponse_free.3.gz
  349. man/man3/lwres_gnbaresponse_parse.3.gz
  350. man/man3/lwres_gnbaresponse_render.3.gz
  351. man/man3/lwres_herror.3.gz
  352. man/man3/lwres_hstrerror.3.gz
  353. man/man3/lwres_inetntop.3.gz
  354. man/man3/lwres_lwpacket_parseheader.3.gz
  355. man/man3/lwres_lwpacket_renderheader.3.gz
  356. man/man3/lwres_net_ntop.3.gz
  357. man/man3/lwres_noop.3.gz
  358. man/man3/lwres_nooprequest_free.3.gz
  359. man/man3/lwres_nooprequest_parse.3.gz
  360. man/man3/lwres_nooprequest_render.3.gz
  361. man/man3/lwres_noopresponse_free.3.gz
  362. man/man3/lwres_noopresponse_parse.3.gz
  363. man/man3/lwres_noopresponse_render.3.gz
  364. man/man3/lwres_packet.3.gz
  365. man/man3/lwres_resutil.3.gz
  366. man/man3/lwres_sethostent.3.gz
  367. man/man3/lwres_sethostent_r.3.gz
  368. man/man3/lwres_string_parse.3.gz
  369. man/man5/named.conf.5.gz
  370. man/man5/rndc.conf.5.gz
  371. man/man8/ddns-confgen.8.gz
  372. man/man8/lwresd.8.gz
  373. man/man8/named-checkconf.8.gz
  374. man/man8/named-checkzone.8.gz
  375. man/man8/named-compilezone.8.gz
  376. man/man8/named-nzd2nzf.8.gz
  377. man/man8/named.8.gz
  378. @comment man/man8/pkcs11-destroy.8.gz
  379. @comment man/man8/pkcs11-keygen.8.gz
  380. @comment man/man8/pkcs11-list.8.gz
  381. @comment man/man8/pkcs11-tokens.8.gz
  382. man/man8/rndc-confgen.8.gz
  383. man/man8/rndc.8.gz
  384. man/man8/tsig-keygen.8.gz
  385. sbin/ddns-confgen
  386. sbin/lwresd
  387. sbin/named
  388. sbin/named-checkconf
  389. sbin/named-checkzone
  390. sbin/named-compilezone
  391. sbin/named-nzd2nzf
  392. @comment sbin/pkcs11-destroy
  393. @comment sbin/pkcs11-keygen
  394. @comment sbin/pkcs11-list
  395. @comment sbin/pkcs11-tokens
  396. sbin/rndc
  397. sbin/rndc-confgen
  398. sbin/tsig-keygen
  399. @dir(bind,bind,) etc/namedb/dynamic
  400. @dir etc/namedb/master
  401. @dir(bind,bind,) etc/namedb/slave
  402. @dir(bind,bind,) etc/namedb/working
  403. Collapse this list.
Dependency lines:
  • bind911>0:dns/bind911
Conflicts:
  • CONFLICTS:
    • bind912
    • bind913
    • bind914
    • bind9-devel
Conflicts Matches:
    There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/dns/bind911/ && make install clean
To add the package: pkg install bind911

PKGNAME: bind911

There is no flavor information for this port.

distinfo:

TIMESTAMP = 1557990453
SHA256 (bind-9.11.7.tar.gz) = 5b9e86dc5711a1a7448356c02ddb23bb1dd78c9e02a69f9b2e2ce31d39f5a0fd
SIZE (bind-9.11.7.tar.gz) = 8124611


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Runtime dependencies:
  1. bind-tools>0 : dns/bind-tools
Library dependencies:
  1. libxml2.so : textproc/libxml2
  2. libidn2.so : dns/libidn2
  3. libjson-c.so : devel/json-c
  4. liblmdb.so : databases/lmdb
  5. libedit.so.0 : devel/libedit
  6. libiconv.so : converters/libiconv
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for bind911-9.11.7:
     DNSTAP=off: Provides fast passive logging of DNS messages
     DOCS=on: Build and/or install documentation
     FILTER_AAAA=on: Enable filtering of AAAA records
     FIXED_RRSET=off: Enable fixed rrset ordering
     IDN=on: International Domain Names support
     IPV6=on: IPv6 protocol support
     JSON=on: JSON file/format/parser support
     LARGE_FILE=off: 64-bit file support
     LMDB=on: Use LMDB for zone management
     MINCACHE=off: Use the mincachettl patch
     PORTREVISION=off: Show PORTREVISION in the version string
     QUERYTRACE=off: Enable the very verbose query tracelogging
     RPZ_NSDNAME=on: Enable RPZ NSDNAME policy records
     RPZ_NSIP=on: Enable RPZ NSIP trigger rules
     SIGCHASE=on: dig/host/nslookup will do DNSSEC validation
     START_LATE=off: Start BIND late in the boot process (see help)
     TCP_FASTOPEN=on: RFC 7413 support
     THREADS=on: Threading support
     TUNING_LARGE=off: Tune named for large systems (**READ HELP**)
====> Dynamically Loadable Zones
     DLZ_POSTGRESQL=off: DLZ Postgres driver
     DLZ_MYSQL=off: DLZ MySQL driver (no threading)
     DLZ_BDB=off: DLZ BDB driver
     DLZ_LDAP=off: DLZ LDAP driver
     DLZ_FILESYSTEM=on: DLZ filesystem driver
     DLZ_STUB=off: DLZ stub driver
====> GSSAPI Security API support: you have to select exactly one of them
     GSSAPI_BASE=off: Using Heimdal in base
     GSSAPI_HEIMDAL=off: Using security/heimdal
     GSSAPI_MIT=off: Using security/krb5
     GSSAPI_NONE=on: Disable
====> Choose which crypto engine to use: you can only select none or one of them
     SSL=on: Build with OpenSSL (Required for DNSSEC)
     NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**)
===> Use 'make config' to modify these settings

USES:
cpe libedit iconv ssl

Master Sites:
  1. ftp://ftp.ciril.fr/pub/isc/bind9/9.11.7/
  2. ftp://ftp.freenet.de/pub/ftp.isc.org/isc/bind9/9.11.7/
  3. ftp://ftp.funet.fi/pub/mirrors/ftp.isc.org/isc/bind9/9.11.7/
  4. ftp://ftp.iij.ad.jp/pub/network/isc/bind9/9.11.7/
  5. ftp://ftp.isc.org/isc/bind9/9.11.7/
  6. ftp://ftp.mirrorservice.org/sites/ftp.isc.org/isc/bind9/9.11.7/
  7. ftp://ftp.nominum.com/pub/isc/bind9/9.11.7/
  8. ftp://ftp.ntua.gr/pub/net/isc/isc/bind9/9.11.7/
  9. ftp://ftp.ripe.net/mirrors/sites/ftp.isc.org/isc/bind9/9.11.7/
  10. ftp://ftp.task.gda.pl/mirror/ftp.isc.org/isc/bind9/9.11.7/
  11. ftp://ftp.u-aizu.ac.jp/pub/net/isc/bind9/9.11.7/
  12. https://ftp.isc.org/isc/bind9/9.11.7/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2015-03-24
    Affects: users of dns/bind9*
    Author: mat@FreeBSD.org
    Reason: 
      This is only for FreeBSD 10.0+.
    
      BIND auto chroot has been added back to the named rc script.  As enabling it
      by default would most certainly break people's setup, it is not.  To enable
      it, and chroot it in /var/named, add the following line to your rc.conf file:
    
      named_chrootdir="/var/named"
    
      On first launch, the rc script will move the /usr/local/etc/namedb directory
      into the chroot, and create a symlink to it.
    
      Note that, if you're running from within a jail, you need to have a
      /var/named/dev devfs created beforehand, with the null and random devices.
    
    
  • 2013-11-12
    Affects: users of dns/bind9*
    Author: erwin@FreeBSD.org
    Reason: 
      All bind9 ports have been updated to support FreeBSD 10.x after
      BIND was removed from the base system.  It is now self-contained
      in ${PREFIX}/etc/namedb, and chroot and symlinking options are
      no longer supported out of the box.
    
      For users of FreeBSD 9.x and earlier, the LINKS option is no longer
      enabled by default, but still supported.  No other changes should
      affect those users, and updating without changing already set options
      will keep the system in the same state.
    
    
Port Moves
  • port moved here from dns/bind99 on 2018-07-04
    REASON: Has expired: Going out of support, please migrate to dns/bind911

  • port moved here from dns/bind910 on 2018-07-04
    REASON: Has expired: Going out of support, please migrate to dns/bind911

Number of commits found: 69

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
03 Jun 2019 12:43:27
Original commit files touched by this commit  9.11.7
Revision:503380
mat search for other commits by this committer
Fix build with DNSTAP enabled.

PR:		238036
Reported by:	Artyom Davidov
16 May 2019 07:32:25
Original commit files touched by this commit  9.11.7
Revision:501775
mat search for other commits by this committer
Update to 9.11.7.
25 Apr 2019 07:17:13
Original commit files touched by this commit  9.11.6P1
Revision:499957
mat search for other commits by this committer
Update to BIND9 9.11.6-P1.

MFH:		2019Q2
Security:	CVE-2018-5743
23 Apr 2019 13:04:12
Original commit files touched by this commit  9.11.6_1
Revision:499757
mat search for other commits by this committer
Remove conflicts from bind-tools and the server ports.

All servers now depend on the same bind-tools, from the latest BIND9
release.

Chase dependencies to make sure they now depend on the correct port.

Differential Revision:	https://reviews.freebsd.org/D19922
19 Mar 2019 08:38:44
Original commit files touched by this commit  9.11.6
Revision:496252
mat search for other commits by this committer
Make WITH_DEBUG actually build and be as helpful as possible.
12 Mar 2019 16:11:31
Original commit files touched by this commit  9.11.6
Revision:495468
mat search for other commits by this committer
Update WWW.

PR:		236196
Submitted by:	Leonid Nevecherya
01 Mar 2019 10:10:03
Original commit files touched by this commit  9.11.6
Revision:494252
mat search for other commits by this committer
Add BIND 9.14.0 first release candidate.
01 Mar 2019 10:02:53
Original commit files touched by this commit  9.11.6
Revision:494250
mat search for other commits by this committer
Update to 9.11.6.
22 Feb 2019 08:52:52
Original commit files touched by this commit  9.11.5P4
Revision:493563
mat search for other commits by this committer
Update to 9.11.5-P4.

MFH:		2019Q1 (blanket)
Security:	CVE-2018-5744 CVE-2018-5745 CVE-2019-6465
09 Feb 2019 23:25:37
Original commit files touched by this commit  9.11.5P1_3
Revision:492534
sunpoet search for other commits by this committer
Update dns/libidn2 to 2.1.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS
13 Jan 2019 20:58:37
Original commit files touched by this commit  9.11.5P1_2
Revision:490211
adamw search for other commits by this committer
Remove GeoIP-related options. Where possible, replace GeoIP 1 defaults
with GeoIP 2.

Also, as suggested by zi, add an UPDATING note about this.
06 Jan 2019 20:39:43
Original commit files touched by this commit  9.11.5P1_1
Revision:489529
sunpoet search for other commits by this committer
Update dns/libidn2 to 2.1.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS
13 Dec 2018 09:06:51
Original commit files touched by this commit  9.11.5P1
Revision:487359
mat search for other commits by this committer
Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.

While there:
- Don't disable symbol table generation when building WITH_DEBUG.
- Try and make sure nullfs can really be used in a more robustt and
  centralized way.
- Make sure all changes are sync'ed among all BIND9 ports.
14 Nov 2018 10:11:58
Original commit files touched by this commit  9.11.5_1
Revision:484916
mat search for other commits by this committer
Make sure gost is really disabled.

It may get picked up from the base OpenSSL and break startup.
While there, make sure the correct engines are used.

Reported by:	Kevin P. Neal (on ports@)
02 Nov 2018 10:13:14
Original commit files touched by this commit  9.11.5
Revision:483798
mat search for other commits by this committer
Remove GOST support from BIND9 9.11 and 9.12.

It was never (widely|really) used, and support for it has been dropped
in OpenSSL starting at 1.1, and BIND9 starting at 9.13.

PR:		231980
Reported by:	mfechner
24 Oct 2018 08:05:48
Original commit files touched by this commit  9.11.5
Revision:482890
mat search for other commits by this committer
Update to 9.11.5.
20 Sep 2018 14:12:09
Original commit files touched by this commit  9.11.4P2
Revision:480174
mat search for other commits by this committer
Update to 9.11.4-P2.

Switch to libidn2 for idn.
05 Sep 2018 22:01:55
Original commit files touched by this commit  9.11.4P1_2
Revision:479045
sunpoet search for other commits by this committer
Update devel/json-c to 0.13.1

- Add my LOCAL to MASTER_SITES
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/json-c/json-c/blob/master/ChangeLog
PR:		231007
Exp-run by:	antoine
24 Aug 2018 11:49:34
Original commit files touched by this commit  9.11.4P1_1
Revision:477957
mat search for other commits by this committer
Permit using allow-new-zones, LMDB, and a chrooted environment.

Fixes this obscure and not at all helpful message:
mdb_env_open of '_default.nzd' failed: No such file or directory

PR:		229125
Reported by:	Tomas Ciernik
MFH:		2018Q3
08 Aug 2018 21:25:56
Original commit files touched by this commit  9.11.4P1
Revision:476686
mat search for other commits by this committer
Update to 9.11.4-P1 and 9.12.2-P1.

Security:	CVE-2018-5740
Sponsored by:	Absolight
11 Jul 2018 09:36:54
Original commit files touched by this commit  9.11.4
Revision:474430
mat search for other commits by this committer
Update BIND9 ports to 9.11.4, 9.12.2 and 9.13.2.

Sponsored by:	Absolight
14 Jun 2018 15:42:52
Original commit files touched by this commit  9.11.3_2
Revision:472383
mat search for other commits by this committer
Include a patch to fix CVE-2018-5738 in all the BIND9 ports.

MFH:		2018Q2 (blanket)
Security:	CVE-2018-5738
Sponsored by:	Absolight
06 Jun 2018 10:31:31
Original commit files touched by this commit  9.11.3_1
Revision:471831
mat search for other commits by this committer
Move things around a bit to be more handbook compliant.

Sponsored by:	Absolight
25 May 2018 12:43:32
Original commit files touched by this commit  9.11.3_1
Revision:470832
mat search for other commits by this committer
Add BIND9 9.13.0.

The ISC changed their release model, they are now doing
odd-unstable/even-stable release numbering.  This is a development
version, consider it alpha/beta quality.  The next stable release will
be 9.14.0.

Changes:	https://kb.isc.org/article/AA-01612
Sponsored by:	Absolight
22 May 2018 13:15:13
Original commit files touched by this commit  9.11.3_1
Revision:470610
mat search for other commits by this committer
Add PY_FLAVOR to Python module dependencies.

Sponsored by:	Absolight
17 Apr 2018 08:26:49
Original commit files touched by this commit  9.11.3_1
Revision:467580
mat search for other commits by this committer
Fix build when LOCALBASE!=/usr/local.

PR:		227554
Submitted by:	John Hein
Sponsored by:	Absolight
22 Mar 2018 14:13:02
Original commit files touched by this commit  9.11.3_1
Revision:465288
mat search for other commits by this committer
Enable the FILTER_AAAA option by default, the feature was made non
optional in recent versions, so might as well do it in older ones.

PR:		226383
Sponsored by:	Absolight
19 Mar 2018 11:21:38
Original commit files touched by this commit  9.11.3
Revision:465009
mat search for other commits by this committer
Update BIND9 ports to 9.9.12, 9.10.7, 9.11.3 and 9.12.1.

Sponsored by:	Absolight
07 Feb 2018 14:29:09
Original commit files touched by this commit  9.11.2P1_3
Revision:461145
mat search for other commits by this committer
Teach named where its pid file should be by default, to be consistent
with the default configuration, rc script, man pages...

PR:		225687
Reported by:	John W. O'Brien
Sponsored by:	Absolight
30 Jan 2018 13:44:45
Original commit files touched by this commit  9.11.2P1_2
Revision:460385
mat search for other commits by this committer
Add a TCP_FASTOPEN option (default on) to allow not building it in. [1]

It is annoying because it outputs one line saying it cannot enable
TCP_FASTOPEN when the deamon starts.

While there, discover that FILTER_AAAA is always enabled in 9.12+ and no
longer an option, so remove it.

PR:		217288 [1] (based on)
Reported by:	doktornotor mailinator com
Sponsored by:	Absolight
24 Jan 2018 10:43:30
Original commit files touched by this commit  9.11.2P1_1
Revision:459831
mat search for other commits by this committer
Catch up with the conflicts lines in the BIND9 ports.

Sponsored by:	Absolight
24 Jan 2018 10:43:26
Original commit files touched by this commit  9.11.2P1_1
Revision:459830
mat search for other commits by this committer
Remove support for bind-tools from the BIND9 9.11 port.

Sponsored by:	Absolight
19 Jan 2018 12:32:35
Original commit files touched by this commit  9.11.2P1_1
Revision:459406
mat search for other commits by this committer
Update named.root.

Sponsored by:	People afraid of a nuclear holocaust.
17 Jan 2018 07:59:45
Original commit files touched by this commit  9.11.2P1
Revision:459221
mat search for other commits by this committer
Update BIND9* to 9.9.11-P1, 9.10.6-P1, 9.11.2-P1 and 9.12.0rc3

MFH:		2018Q1
Security:	CVE-2017-3145
Sponsored by:	Absolight
12 Jan 2018 12:58:51
Original commit files touched by this commit  9.11.2_7
Revision:458822
mat search for other commits by this committer
Add a TUNING_LARGE option.

https://kb.isc.org/article/AA-01314/0

Tunes certain compiled-in constants and default settings to
values better suited to large servers with 12/16GB+ of memory.
This can improve performance on such servers, but will consume
more memory and may degrade performance on smaller systems.

PR:		224859
Sponsored by:	Absolight
08 Jan 2018 13:38:47
Original commit files touched by this commit  9.11.2_6
Revision:458413
mat search for other commits by this committer
Fix altlog_proglist warning when it contains more than the named service.

PR:		224951
Submitted by:	Trix Farrar
Sponsored by:	Absolight
03 Jan 2018 13:36:58
Original commit files touched by this commit  9.11.2_5
Revision:457965
sunpoet search for other commits by this committer
Update devel/json-c to 0.13

- Add TEST_TARGET
- While I'm here, fix shebang for net/opensips
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/json-c/json-c/blob/master/ChangeLog
PR:		224675
Exp-run by:	antoine
23 Nov 2017 13:55:30
Original commit files touched by this commit  9.11.2_4
Revision:454760
mat search for other commits by this committer
Add an extra check to make sure syslogd is correctly configured when
using chroot.

Sponsored by:	Absolight
07 Nov 2017 15:48:16
Original commit files touched by this commit  9.11.2_3
Revision:453667
mat search for other commits by this committer
Add a symlink to named's session-keyfile.

Using nsupdate -l, and chroot was broken because nsupdate could not find
the keyfile by itself.

PR:		223403
Submitted by:	Harald Schmalzbauer
Sponsored by:	Absolight
04 Nov 2017 11:43:35
Original commit files touched by this commit  9.11.2_2
Revision:453453
dbaio search for other commits by this committer
Update license of ports using MPL (without version)

All ports now should use MPL[10|11|20] license.

Approved by:	portmgr (blanket)
03 Nov 2017 13:20:28
Original commit files touched by this commit  9.11.2_2
Revision:453405
mat search for other commits by this committer
Enable the PYTHON option by default, it brings a few interesting DNSSEC
tools.

Sponsored by:	Absolight
25 Oct 2017 13:24:19
Original commit files touched by this commit  9.11.2_1
Revision:452847
mat search for other commits by this committer
Install the mtree file as .sample to allow users to change them.

Sponsored by:	Absolight
28 Jul 2017 22:57:27
Original commit files touched by this commit  9.11.2
Revision:446860
mat search for other commits by this committer
Update BIND9 ports to 9.{9.11,10.6,11.2}.

Sponsored by:	Absolight
10 Jul 2017 18:48:00
Original commit files touched by this commit  9.11.1P3
Revision:445456
mat search for other commits by this committer
Update to 9.{9.10,10.5,11.1}-P3.

Sponsored by:	Absolight
29 Jun 2017 20:51:14
Original commit files touched by this commit  9.11.1P2
Revision:444687
mat search for other commits by this committer
Update to 9.{9.10,10.5,11.1}-P2.

Security:	CVE-2017-3142
Security:	CVE-2017-3143
Sponsored by:	Absolight
14 Jun 2017 22:54:50
Original commit files touched by this commit  9.11.1P1
Revision:443608
mat search for other commits by this committer
Update to 9.9.10-P1, 9.10.5-P1, 9.11.1-P1.

MFH:		2017Q2
Security:	CVE-2017-3140
Security:	CVE-2017-3141
Sponsored by:	Absolight
14 Jun 2017 22:54:43
Original commit files touched by this commit  9.11.1
Revision:443607
mat search for other commits by this committer
Remove special handling for testing and documentation domains, per RFC
6761 recommendations.

While there:
- Fix invalid syntax in sample slave config.
- Add a message about having syslogd working with BIND9 chroot.

PR:		217915
Reported by:	eserte12 yahoo de
Sponsored by:	Absolight
20 Apr 2017 13:12:36
Original commit files touched by this commit  9.11.1
Revision:438945
mat search for other commits by this committer
Update to 9.9.10, 9.10.5, 9.11.1 and 9.12 to latest snapshot.

While there:

Make it more maintainable by sorting stuff in the Makefile and removing
vestigial pre 10.3 things.

Refresh the root zone hints.

"Fix" the configuration section telling you to get some top level
zones from f.root-servers.net, which does not allow axfr any more. [1]

PR:		218656 [1]
Reported by:	Thomas Steen Rasmussen / Tykling [1]
MFH:		2017Q2
Sponsored by:	Absolight
13 Apr 2017 10:15:19
Original commit files touched by this commit  9.11.0P5_1
Revision:438434
mat search for other commits by this committer
Unbreak rndc calls when using non default rndc.key location.

PR:		218335
Sponsored by:	Absolight
13 Apr 2017 04:12:37
Original commit files touched by this commit  9.11.0P5
Revision:438423
delphij search for other commits by this committer
Security update to 9.11.0P5.

Security:	c6861494-1ffb-11e7-934d-d05099c0ae8c
Approved by:	so
MFH:		2017Q2
11 Apr 2017 13:59:43
Original commit files touched by this commit  9.11.0P3
Revision:438261 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove private URLs that should never have been committed.

Pointy hat:	mat
Sponsored by:	Absolight
08 Feb 2017 22:39:28
Original commit files touched by this commit  9.11.0P3
Revision:433678 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.9.9-P6, 9.10.4-P6 and 9.11.0-P3.

While there, remove the RPZ_PATCH for BIND9 9.9, it has not been updated
for years, and, it does not build any more.

MFH:		2017Q1
Security:	CVE-2017-3135
Sponsored by:	Absolight
12 Jan 2017 08:15:41
Original commit files touched by this commit  9.11.0P2_1
Revision:431233 This port version is marked as vulnerable.
mat search for other commits by this committer
Commit the cleanups that should have gone in with the pervious update.

Sponsored by:	Absolight
12 Jan 2017 07:30:00
Original commit files touched by this commit  9.11.0P2
Revision:431226 This port version is marked as vulnerable.
delphij search for other commits by this committer
Security update to 9.11.0-P2.

Approved by:	so
Security:	d4c7e9a9-d893-11e6-9b4d-d050996490d0
MFH:		2017Q1
09 Dec 2016 15:40:35
Original commit files touched by this commit  9.11.0P1_1
Revision:428222 This port version is marked as vulnerable.
mat search for other commits by this committer
Switch bind-tools to BIND9 9.11.

Sponsored by:	Absolight
09 Dec 2016 15:40:32
Original commit files touched by this commit  9.11.0P1_1
Revision:428221 This port version is marked as vulnerable.
mat search for other commits by this committer
Cleanup CONFLICTS.

Sponsored by:	Absolight
09 Dec 2016 15:02:37
Original commit files touched by this commit  9.11.0P1_1
Revision:428214 This port version is marked as vulnerable.
mat search for other commits by this committer
Fixup libedit for all BIND9 ports, and fix spurious json dependency by
adding an option.

PR:		215170
Reported by:	sunpoet
Sponsored by:	Absolight
02 Nov 2016 06:38:48
Original commit files touched by this commit  9.11.0P1
Revision:425115 This port version is marked as vulnerable.
delphij search for other commits by this committer
Security update:

dns/bind99:  9.9.9-P3  -> 9.9.9-P4
dns/bind910: 9.10.4-P3 -> 9.10.4-P4
dns/bind911: 9.11.0    -> 9.11.0-P1

Security:	CVE-2016-8864
Submitted by:	mat
MFH:		2016Q4
04 Oct 2016 22:35:31
Original commit files touched by this commit  9.11.0
Revision:423308 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.11.0

Changes:	https://lists.isc.org/pipermail/bind-announce/2016-October/001007.html
Sponsored by:	Absolight
04 Oct 2016 14:37:34
Original commit files touched by this commit  9.11.0.rc3
Revision:423263 This port version is marked as vulnerable.
mat search for other commits by this committer
Remarke MAKE_JOBS_UNSAFE everywhere.

Sponsored by:	Absolight
30 Sep 2016 12:44:28
Original commit files touched by this commit  9.11.0.rc3
Revision:422981 This port version is marked as vulnerable.
mat search for other commits by this committer
So, on 9, it is failing to build it with jobs.

It builds .a before all the .o that are supposed to go in the .a are
built.  Imagine what happens after that...

Reported by:	Craig Leres
Sponsored by:	Absolight
28 Sep 2016 12:55:09
Original commit files touched by this commit  9.11.0.rc3
Revision:422867 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove MAKE_JOBS_UNSAFE for BIND9.

It was added in 2009 in r232247 without the reason it was failing, I've
tried with -J 2-10, and can't have one of the BIND9 port fail.
Feel free to add it back, but please, add the reason why it fails.

Sponsored by:	Absolight
27 Sep 2016 16:10:22
Original commit files touched by this commit  9.11.0.rc3
Revision:422816 This port version is marked as vulnerable.
mat search for other commits by this committer
Update BIND9 to latest versions, 9.9.9-P3, 9.10.4-P3, 9.11.0rc3

MFH:		2016Q3
Security:	CVE-2016-2776
Sponsored by:	Absolight
31 Aug 2016 12:06:24
Original commit files touched by this commit  9.11.0.rc1
Revision:421154 This port version is marked as vulnerable.
mat search for other commits by this committer
The START_LATE option is not needed by bind-tools.

Sponsored by:	Absolight
31 Aug 2016 11:59:05
Original commit files touched by this commit  9.11.0.rc1
Revision:421152 This port version is marked as vulnerable.
mat search for other commits by this committer
The NEWSTATS and RRL options were removed in BIND9 9.10, so remove them
from here, also, make the upstream default options default for real.

While there, put back the BIND_TOOLS knobs in bind9-devel.

Sponsored by:	Absolight
31 Aug 2016 11:58:51
Original commit files touched by this commit  9.11.0.rc1
Revision:421151 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.11.0rc1.

While there, remove obsolete configure options, and set as default the
one that default to yes.

Changes:	https://lists.isc.org/pipermail/bind-announce/2016-August/001002.html
Sponsored by:	Absolight
03 Aug 2016 13:27:59
Original commit files touched by this commit  9.11.0.b3
Revision:419521 This port version is marked as vulnerable.
mat search for other commits by this committer
Update to 9.11.0b3.

MFH:		2016Q3
Security:	CVE-2016-2775
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/001001.html
Sponsored by:	Absolight
19 Jul 2016 11:30:38
Original commit files touched by this commit  9.11.0.b2
Revision:418769 This port version is marked as vulnerable.
mat search for other commits by this committer
BIND9 update, 9.9.9-P2, 9.10.4-P2, 9.11.0b2 and latest 9.12 snapshot.

MFH:		2016Q3
Security:	CVE-2016-2775
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000996.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000997.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000998.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000999.html
Sponsored by:	Absolight
04 Jul 2016 09:47:25
Original commit files touched by this commit  9.11.0.b1
Revision:418010 This port version is marked as vulnerable.
mat search for other commits by this committer
Introduce BIND9 9.11.0b1. (beta1)

BIND 9.11 brings many changes to BIND, including a new license
(the Mozilla Public License 2.0 -- you can read about it here:
https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/)
and many new features, including:

-  Catalog zones, a new way to provision zones on slave servers
-  dyndb api, a fast new api enabling BIND to serve zones stored
   in a database (Developed by Petr Spacek of RedHat)
-  RNDC showzone, view-only mode and other improvements
-  dnstap query and response logging (Robert Edmonds is the author
   of dnstap, see www.dnstap.info)
-  EDNS Client-subnet (authoritative server functions)
-  DNSSEC key manager, a new utility (Thanks to Sebastian Castro
   for helping with development.)
-  Automatic CDS/CDSKEY generation
-  Negative Trust Anchors for DNSSEC validators
-  IPv6 bias to encourage use of IPv6 DNS servers
-  Minimal response to "any" queries (Thanks to Tony Finch for
   the contribution)
-  DNS Cookies are now enabled by default, using the standardized code point

Changes:	https://lists.isc.org/pipermail/bind-announce/2016-June/000994.html
Sponsored by:	Absolight

Number of commits found: 69

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
ImageMagick6*Jun 17
ImageMagick6-nox11*Jun 17
ImageMagick7*Jun 17
ImageMagick7-nox11*Jun 17
GraphicsMagickJun 16
netatalk3Jun 16
chromiumJun 15
neovimJun 13
phpmyadminJun 13
vimJun 13
vim-consoleJun 13
vim-tinyJun 13
mybbJun 12
linux-flashplayerJun 11
drupal7Jun 08

12 vulnerabilities affecting 80 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-06-17 06:25:27


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 36696
Broken 81
Deprecated 120
Ignore 303
Forbidden 3
Restricted 162
No CDROM 74
Vulnerable 33
Expired 14
Set to expire 91
Interactive 0
new 24 hours 5
new 48 hours13
new 7 days36
new fortnight65
new month190

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.