MFH: r493563 r493564

Update to 9.11.5-P4 and 9.12.3-P4.

Security:	CVE-2018-5744 CVE-2018-5745 CVE-2019-6465

dns/bind911/Makefile

@@ -20,7 +20,7 @@ LIB_DEPENDS=	libxml2.so:textproc/libxml2
 USES=	cpe libedit
 
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.11.5-P1
+ISCVERSION=	9.11.5-P4
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}

dns/bind911/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1544687911
-SHA256 (bind-9.11.5-P1.tar.gz) = 6cd6dbf016569f12d4a0ed629e44e895d9ed41c6908274ed2e617666c5491928
-SIZE (bind-9.11.5-P1.tar.gz) = 8814650
+TIMESTAMP = 1550649103
+SHA256 (bind-9.11.5-P4.tar.gz) = 7e8c08192bcbaeb6e9f2391a70e67583b027b90e8c4bc1605da6eb126edde434
+SIZE (bind-9.11.5-P4.tar.gz) = 8819038

dns/bind911/files/extrapatch-bind-min-override-ttl

@@ -1,4 +1,4 @@
---- bin/named/config.c.orig	2018-10-06 01:36:17 UTC
+--- bin/named/config.c.orig	2019-02-05 00:06:43 UTC
 +++ bin/named/config.c
 @@ -177,6 +177,8 @@ options {\n\
  "	max-acache-size 16M;\n\
@@ -9,9 +9,9 @@
  	max-clients-per-query 100;\n\
  	max-ncache-ttl 10800; /* 3 hours */\n\
  	max-recursion-depth 7;\n\
---- bin/named/server.c.orig	2018-10-06 01:36:17 UTC
+--- bin/named/server.c.orig	2019-02-05 00:06:43 UTC
 +++ bin/named/server.c
-@@ -3695,6 +3695,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -3695,6 +3695,16 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
  	}
  
  	obj = NULL;
@@ -28,7 +28,7 @@
  	result = ns_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-10-06 01:36:17 UTC
+--- lib/dns/include/dns/view.h.orig	2019-02-05 00:06:43 UTC
 +++ lib/dns/include/dns/view.h
 @@ -152,6 +152,8 @@ struct dns_view {
  	bool			requestnsid;
@@ -39,9 +39,9 @@
  	dns_ttl_t			maxncachettl;
  	uint32_t			nta_lifetime;
  	uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-10-06 01:36:17 UTC
+--- lib/dns/resolver.c.orig	2019-02-05 00:06:43 UTC
 +++ lib/dns/resolver.c
-@@ -5474,6 +5474,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5474,6 +5474,18 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adb
  		}
  
  		/*
@@ -60,7 +60,7 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-10-06 01:36:17 UTC
+--- lib/isccfg/namedconf.c.orig	2019-02-05 00:06:43 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1773,6 +1773,8 @@ view_clauses[] = {
  #endif

dns/bind911/files/patch-bin_named_include_named_globals.h

@@ -1,8 +1,8 @@
 We reference the pid file as being run/named/pid everywere else.
 
---- bin/named/include/named/globals.h.orig	2018-10-06 01:36:17 UTC
+--- bin/named/include/named/globals.h.orig	2019-02-05 00:06:43 UTC
 +++ bin/named/include/named/globals.h
-@@ -139,7 +139,7 @@ EXTERN bool		ns_g_forcelock		INIT(false)
+@@ -139,7 +139,7 @@ EXTERN bool		ns_g_forcelock		INIT(false);
  #if NS_RUN_PID_DIR
  EXTERN const char *		ns_g_defaultpidfile 	INIT(NS_LOCALSTATEDIR
  							     "/run/named/"

dns/bind912/Makefile

@@ -32,7 +32,7 @@ LIB_DEPENDS=	libxml2.so:textproc/libxml2
 
 USES=	compiler:c11 cpe libedit
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.12.3-P1
+ISCVERSION=	9.12.3-P4
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}

dns/bind912/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1544687855
-SHA256 (bind-9.12.3-P1.tar.gz) = 6cb79389d787368af27f01c65a9fa09be1fd062eda37c94819a1a0178d5ded73
-SIZE (bind-9.12.3-P1.tar.gz) = 8625693
+TIMESTAMP = 1550649173
+SHA256 (bind-9.12.3-P4.tar.gz) = d1014453c62623e42323fd83fc89444c12ae6b707fd586466959a052fe21f206
+SIZE (bind-9.12.3-P4.tar.gz) = 8627833

dns/bind912/files/extrapatch-bind-min-override-ttl

@@ -1,4 +1,4 @@
---- bin/named/config.c.orig	2018-10-06 05:51:22 UTC
+--- bin/named/config.c.orig	2019-02-05 00:00:59 UTC
 +++ bin/named/config.c
 @@ -183,12 +183,14 @@ options {\n\
  	max-recursion-queries 75;\n\
@@ -15,9 +15,9 @@
  	provide-ixfr true;\n\
  	query-source address *;\n\
  	query-source-v6 address *;\n\
---- bin/named/server.c.orig	2018-10-06 05:51:22 UTC
+--- bin/named/server.c.orig	2019-02-05 00:00:59 UTC
 +++ bin/named/server.c
-@@ -4075,6 +4075,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -4075,6 +4075,16 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
  	}
  
  	obj = NULL;
@@ -34,7 +34,7 @@
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-10-06 05:51:22 UTC
+--- lib/dns/include/dns/view.h.orig	2019-02-05 00:00:59 UTC
 +++ lib/dns/include/dns/view.h
 @@ -151,6 +151,8 @@ struct dns_view {
  	bool			requestnsid;
@@ -45,9 +45,9 @@
  	dns_ttl_t			maxncachettl;
  	uint32_t			nta_lifetime;
  	uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-10-06 05:51:22 UTC
+--- lib/dns/resolver.c.orig	2019-02-05 00:00:59 UTC
 +++ lib/dns/resolver.c
-@@ -5757,6 +5757,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5757,6 +5757,18 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adb
  		}
  
  		/*
@@ -66,7 +66,7 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-10-06 05:51:22 UTC
+--- lib/isccfg/namedconf.c.orig	2019-02-05 00:00:59 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1917,6 +1917,8 @@ view_clauses[] = {
  	{ "max-acache-size", &cfg_type_sizenodefault,

dns/bind912/files/patch-bin_named_include_named_globals.h

@@ -1,8 +1,8 @@
 We reference the pid file as being run/named/pid everywere else.
 
---- bin/named/include/named/globals.h.orig	2018-10-06 05:51:22 UTC
+--- bin/named/include/named/globals.h.orig	2019-02-05 00:00:59 UTC
 +++ bin/named/include/named/globals.h
-@@ -129,7 +129,7 @@ EXTERN bool		named_g_forcelock	INIT(fals
+@@ -129,7 +129,7 @@ EXTERN bool		named_g_forcelock	INIT(false);
  #if NAMED_RUN_PID_DIR
  EXTERN const char *		named_g_defaultpidfile 	INIT(NAMED_LOCALSTATEDIR
  							     "/run/named/"