From 2aaf0b182b8d03d4ee56e1f3165551e5865a1e429b53214706c0abdbacebd4d1 Mon Sep 17 00:00:00 2001
From: Uwe Gansert <ug@suse.com>
Date: Tue, 5 Jul 2011 14:12:05 +0000
Subject: [PATCH] version 9.8.0-P4

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=58
---
 bind-9.8.0P2.tar.gz |  3 ---
 bind-9.8.0P4.tar.gz |  3 +++
 bind.changes        | 21 +++++++++++++++++++++
 bind.spec           |  4 ++--
 4 files changed, 26 insertions(+), 5 deletions(-)
 delete mode 100644 bind-9.8.0P2.tar.gz
 create mode 100644 bind-9.8.0P4.tar.gz

diff --git a/bind-9.8.0P2.tar.gz b/bind-9.8.0P2.tar.gz
deleted file mode 100644
index cd19d98..0000000
--- a/bind-9.8.0P2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8e022226513394fa8b2bb367dcfa4462164a83360a25fd5ba63cbc479e48a7e9
-size 7709840
diff --git a/bind-9.8.0P4.tar.gz b/bind-9.8.0P4.tar.gz
new file mode 100644
index 0000000..40db63d
--- /dev/null
+++ b/bind-9.8.0P4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:abd5761319c54b6bada99830b733067b71ebef7a3203c1af17ab5d28121003ca
+size 7710343
diff --git a/bind.changes b/bind.changes
index 5b71d06..15fc182 100644
--- a/bind.changes
+++ b/bind.changes
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Tue Jul  5 15:24:10 CEST 2011 - ug@suse.de
+
+* Using Response Policy Zone (RPZ) with DNAME records and querying
+  the subdomain of that label can cause named to crash. Now logs that
+  DNAME is not supported. [RT #24766]
+* If named is configured to be both authoritative and resursive and
+  receives a recursive query for a CNAME in a zone that it is
+  authoritative for, if that CNAME also points to a zone the server
+  is authoritative for, the recursive part of name will not follow
+  the CNAME change and the response will not be a complete CNAME
+  chain. [RT #24455]
+* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
+  with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
+  query type independant. [RT #24715] [CVE-2011-1907]
+* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
+  processing code that could allow certain UPDATE requests to crash
+  named. This was fixed by disambiguating internal database
+  representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]
+* 9.8.0-P4
+
 -------------------------------------------------------------------
 Tue Jun  7 16:37:56 CEST 2011 - ug@suse.de
 
diff --git a/bind.spec b/bind.spec
index fab7ef0..b443e6b 100644
--- a/bind.spec
+++ b/bind.spec
@@ -20,13 +20,13 @@
 
 Name:           bind
 %define pkg_name bind
-%define pkg_vers 9.8.0P2
+%define pkg_vers 9.8.0P4
 BuildRequires:  openldap2-devel
 BuildRequires:  libcap libcap-devel libmysqlclient-devel libxml2-devel openssl openssl-devel
 BuildRequires:  update-desktop-files
 BuildRequires:  krb5-devel
 Summary:        Domain Name System (DNS) Server (named)
-Version:        9.8.0P2
+Version:        9.8.0P4
 Release:        2
 License:        BSD3c(or similar) ; MIT License (or similar)
 Group:          Productivity/Networking/DNS/Servers