<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl" href="/source/rss.xsl.xml"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
    <title>Changes in install-sh</title>
    <description></description>
    <language>en</language>
    <copyright>Copyright 2015</copyright>
    <generator>Java</generator><item>
        <title>8aaca124c0ad52af9550477f296b63debc7b4c98 - Import bind-9.18.24 (previous was 9.16.42)</title>
        <link>http://src.rcs.uwaterloo.ca:8080/source/history/netbsd-src/external/mpl/bind/dist/install-sh#8aaca124c0ad52af9550477f296b63debc7b4c98</link>
        <description>Import bind-9.18.24 (previous was 9.16.42)	--- 9.18.24 released ---6343.	[bug]		Fix case insensitive setting for isc_ht hashtable.			[GL #4568]	--- 9.18.23 released ---6322.	[security]	Specific DNS answers could cause a denial-of-service			condition due to DNS validation taking a long time.			(CVE-2023-50387) [GL #4424]6321.	[security]	Change 6315 inadvertently introduced regressions that			could cause named to crash. [GL #4234]6320.	[bug]		Under some circumstances, the DoT code in client			mode could process more than one message at a time when			that was not expected. That has been fixed. [GL #4487]	--- 9.18.22 released ---6319.	[func]		Limit isc_task_send() overhead for RBTDB tree pruning.			[GL #4383]6317.	[security]	Restore DNS64 state when handling a serve-stale timeout.			(CVE-2023-5679) [GL #4334]6316.	[security]	Specific queries could trigger an assertion check with			nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]6315.	[security]	Speed up parsing of DNS messages with many different			names. (CVE-2023-4408) [GL #4234]6314.	[bug]		Address race conditions in dns_tsigkey_find().			[GL #4182]6312.	[bug]		Conversion from NSEC3 signed to NSEC signed could			temporarily put the zone into a state where it was			treated as unsigned until the NSEC chain was built.			Additionally conversion from one set of NSEC3 parameters			to another could also temporarily put the zone into a			state where it was treated as unsigned until the new			NSEC3 chain was built. [GL #1794] [GL #4495]6310.	[bug]		Memory leak in zone.c:sign_zone. When named signed a			zone it could leak dst_keys due to a misplaced			&apos;continue&apos;. [GL #4488]6306.	[func]		Log more details about the cause of &quot;not exact&quot; errors.			[GL #4500]6304.	[bug]		The wrong time was being used to determine what RRSIGs			where to be generated when dnssec-policy was in use.			[GL #4494]6302.	[func]		The &quot;trust-anchor-telemetry&quot; statement is no longer			marked as experimental. This silences a relevant log			message that was emitted even when the feature was			explicitly disabled. [GL #4497]6300.	[bug]		Fix statistics export to use full 64 bit signed numbers			instead of truncating values to unsigned 32 bits.			[GL #4467]6299.	[port]		NetBSD has added &apos;hmac&apos; to libc which collides with our			use of &apos;hmac&apos;. [GL #4478]	--- 9.18.21 released ---6297.	[bug]		Improve LRU cleaning behaviour. [GL #4448]6296.	[func]		The &quot;resolver-nonbackoff-tries&quot; and			&quot;resolver-retry-interval&quot; options are deprecated;			a warning will be logged if they are used. [GL #4405]6294.	[bug]		BIND might sometimes crash after startup or			re-configuration when one &apos;tls&apos; entry is used multiple			times to connect to remote servers due to initialisation			attempts from contexts of multiple threads. That has			been fixed. [GL #4464]6290.	[bug]		Dig +yaml will now report &quot;no servers could be reached&quot;			also for UDP setup failure when no other servers or			tries are left. [GL #1229]6287.	[bug]		Recognize escapes when reading the public key from file.			[GL !8502]6286.	[bug]		Dig +yaml will now report &quot;no servers could be reached&quot;			on TCP connection failure as well as for UDP timeouts.			[GL #4396]6282.	[func]		Deprecate AES-based DNS cookies. [GL #4421]	--- 9.18.20 released ---6280.	[bug]		Fix missing newlines in the output of &quot;rndc nta -dump&quot;.			[GL !8454]6277.	[bug]		Take into account local authoritative zones when			falling back to serve-stale. [GL #4355]6275.	[bug]		Fix assertion failure when using lock-file configuration			option together -X argument to named. [GL #4386]6274.	[bug]		The &apos;lock-file&apos; file was being removed when it			shouldn&apos;t have been making it ineffective if named was			started 3 or more times. [GL #4387]6271.	[bug]		Fix a shutdown race in dns__catz_update_cb(). [GL #4381]6269.	[maint]		B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and			2801:1b8:10::b. [GL #4101]6267.	[func]		The timeouts for resending zone refresh queries over UDP			were lowered to enable named to more quickly determine			that a primary is down. [GL #4260]6265.	[bug]		Don&apos;t schedule resign operations on the raw version			of an inline-signing zone. [GL #4350]6261.	[bug]		Fix a possible assertion failure on an error path in			resolver.c:fctx_query(), when using an uninitialized			link. [GL #4331]6254.	[cleanup]	Add semantic patch to do an explicit cast from char			to unsigned char in ctype.h class of functions.			[GL #4327]6252.	[test]		Python system tests have to be executed by invoking			pytest directly. Executing them with the legacy test			runner is no longer supported. [GL #4250]6250.	[bug]		The wrong covered value was being set by			dns_ncache_current for RRSIG records in the returned			rdataset structure. This resulted in TYPE0 being			reported as the covered value of the RRSIG when dumping			the cache contents. [GL #4314]	--- 9.18.19 released ---6246.	[security]	Fix use-after-free error in TLS DNS code when sending			data. (CVE-2023-4236) [GL #4242]6245.	[security]	Limit the amount of recursion that can be performed			by isccc_cc_fromwire. (CVE-2023-3341) [GL #4152]6244.	[bug]		Adjust log levels on malformed messages to NOTICE when			transferring in a zone. [GL #4290]6241.	[bug]		Take into account the possibility of partial TLS writes			in TLS DNS code. That helps to prevent DNS messages			corruption on long DNS over TLS streams. [GL #4255]6240.	[bug]		Use dedicated per-worker thread jemalloc memory			arenas for send buffers allocation to reduce memory			consumption and avoid lock contention. [GL #4038]6239.	[func]		Deprecate the &apos;dnssec-must-be-secure&apos; option.			[GL #3700]6237.	[bug]		Address memory leaks due to not clearing OpenSSL error			stack. [GL #4159]6235.	[doc]		Clarify BIND 9 time formats. [GL #4266]6234.	[bug]		Restore stale-refresh-time value after flushing the			cache. [GL #4278]6232.	[bug]		Following the introduction of krb5-subdomain-self-rhs			and ms-subdomain-self-rhs update rules, removal of			nonexistent PTR and SRV records via UPDATE could fail.			[GL #4280]6231.	[func]		Make nsupdate honor -v for SOA requests if the server			is specified. [GL #1181]6230.	[bug]		Prevent an unnecessary query restart if a synthesized			CNAME target points to the CNAME owner. [GL #3835]6227.	[bug]		Check the statistics-channel HTTP Content-length			to prevent negative or overflowing values from			causing a crash. [GL #4125]6224.	[bug]		Check the If-Modified-Since value length to prevent			out-of-bounds write. [GL #4124]	--- 9.18.18 released ---6220.	[func]		Deprecate the &apos;dialup&apos; and &apos;heartbeat-interval&apos;			options. [GL #3700]6219.	[bug]		Ignore &apos;max-zone-ttl&apos; on &apos;dnssec-policy insecure&apos;.			[GL #4032]6215.	[protocol]	Return REFUSED to GSS-API TKEY requests if GSS-API			support is not configured. [GL #4225]6213.	[bug]		Mark a primary server as temporarily unreachable if the			TCP connection attempt times out. [GL #4215]6212.	[bug]		Don&apos;t process detach and close netmgr events when			the netmgr has been paused. [GL #4200]	--- 9.18.17 released ---6206.	[bug]		Add shutdown checks in dns_catz_dbupdate_callback() to			avoid a race with dns_catz_shutdown_catzs(). [GL #4171]6205.	[bug]		Restore support to read legacy HMAC-MD5 K file pairs.			[GL #4154]6204.	[bug]		Use NS records for relaxed QNAME-minimization mode.			This reduces the number of queries named makes when			resolving, as it allows the non-existence of NS RRsets			at non-referral nodes to be cached in addition to the			referrals that are normally cached. [GL #3325]6200.	[bug]		Fix nslookup erroneously reporting a timeout when the			input is delayed. [GL #4044]6199.	[bug]		Improve HTTP Connection: header protocol conformance			in the statistics channel. [GL #4126]6198.	[func]		Remove the holes in the isc_result_t enum to compact			the isc_result tables. [GL #4149]6197.	[bug]		Fix a data race between the dns_zone and dns_catz			modules when registering/unregistering a database			update notification callback for a catalog zone.			[GL #4132]6196.	[cleanup]	Report &quot;permission denied&quot; instead of &quot;unexpected error&quot;			when trying to update a zone file on a read-only file			system. Thanks to Midnight Veil. [GL #4134]6193.	[bug]		Fix a catz db update notification callback registration			logic error, which could crash named when receiving an			AXFR update for a catalog zone while the previous update			process of the catalog zone was already running.			[GL #4136]6166.	[func]		Retry without DNS COOKIE on FORMERR if it appears that			the FORMERR was due to the presence of a DNS COOKIE			option. [GL #4049]

            List of files:
            /netbsd-src/external/mpl/bind/dist/install-sh</description>
        <pubDate>Wed, 21 Feb 2024 21:53:59 +0000</pubDate>
        <dc:creator>christos &lt;christos@NetBSD.org&gt;</dc:creator>
    </item>
<item>
        <title>a111e46cec13d98e9281fa5e01119e0967eb1f61 - --- 9.16.12 released ---</title>
        <link>http://src.rcs.uwaterloo.ca:8080/source/history/netbsd-src/external/mpl/bind/dist/install-sh#a111e46cec13d98e9281fa5e01119e0967eb1f61</link>
        <description>--- 9.16.12 released ---5578.	[protocol]	Make &quot;check-names&quot; accept A records below &quot;_spf&quot;,			&quot;_spf_rate&quot;, and &quot;_spf_verify&quot; labels in order to cater			for the &quot;exists&quot; SPF mechanism specified in RFC 7208			section 5.7 and appendix D.1. [GL #2377]5577.	[bug]		Fix the &quot;three is a crowd&quot; key rollover bug in KASP by			correctly implementing Equation (2) of the &quot;Flexible and			Robust Key Rollover&quot; paper. [GL #2375]5575.	[bug]		When migrating to KASP, BIND 9 considered keys with the			&quot;Inactive&quot; and/or &quot;Delete&quot; timing metadata to be			possible active keys. This has been fixed. [GL #2406]5572.	[bug]		Address potential double free in generatexml().			[GL #2420]5571.	[bug]		named failed to start when its configuration included a			zone with a non-builtin &quot;allow-update&quot; ACL attached.			[GL #2413]5570.	[bug]		Improve performance of the DNSSEC verification code by			reducing the number of repeated calls to			dns_dnssec_keyfromrdata(). [GL #2073]5569.	[bug]		Emit useful error message when &quot;rndc retransfer&quot; is			applied to a zone of inappropriate type. [GL #2342]5568.	[bug]		Fixed a crash in &quot;dnssec-keyfromlabel&quot; when using ECDSA			keys. [GL #2178]5567.	[bug]		Dig now reports unknown dash options while pre-parsing			the options. This prevents &quot;-multi&quot; instead of &quot;+multi&quot;			from reporting memory usage before ending option parsing			with &quot;Invalid option: -lti&quot;. [GL #2403]5566.	[func]		Add &quot;stale-answer-client-timeout&quot; option, which is the			amount of time a recursive resolver waits before			attempting to answer the query using stale data from			cache. [GL #2247]5565.	[func]		The SONAMEs for BIND 9 libraries now include the current			BIND 9 version number, in an effort to tightly couple			internal libraries with a specific release. [GL #2387]5562.	[security]	Fix off-by-one bug in ISC SPNEGO implementation.			(CVE-2020-8625) [GL #2354]5561.	[bug]		KASP incorrectly set signature validity to the value of			the DNSKEY signature validity. This is now fixed.			[GL #2383]5560.	[func]		The default value of &quot;max-stale-ttl&quot; has been changed			from 12 hours to 1 day and the default value of			&quot;stale-answer-ttl&quot; has been changed from 1 second to 30			seconds, following RFC 8767 recommendations. [GL #2248]5456.	[func]		Added &quot;primaries&quot; as a synonym for &quot;masters&quot; in			named.conf, and &quot;primary-only&quot; as a synonym for			&quot;master-only&quot; in the parameters to &quot;notify&quot;, to bring			terminology up-to-date with RFC 8499. [GL #1948]5362.	[func]		Limit the size of IXFR responses so that AXFR will			be used instead if it would be smaller. This is			controlled by the &quot;max-ixfr-ratio&quot; option, which			is a percentage representing the ratio of IXFR size			to the size of the entire zone. This value cannot			exceed 100%, which is the default. [GL #1515]	--- 9.16.11 released ---5559.	[bug]		The --with-maxminddb=PATH form of the build-time option			enabling support for libmaxminddb was not working			correctly. This has been fixed. [GL #2366]5557.	[bug]		Prevent RBTDB instances from being destroyed by multiple			threads at the same time. [GL #2317]5556.	[bug]		Further tweak newline printing in dnssec-signzone and			dnssec-verify. [GL #2359]5555.	[bug]		server-&gt;reload_status was not properly initialized.			[GL #2361]5554.	[bug]		dnssec-signzone and dnssec-verify were missing newlines			between log messages. [GL #2359]5553.	[bug]		When reconfiguring named, removing &quot;auto-dnssec&quot; did not			turn off DNSSEC maintenance. [GL #2341]5552.	[func]		When switching to &quot;dnssec-policy none;&quot;, named now			permits a safe transition to insecure mode and publishes			the CDS and CDNSKEY DELETE records, as described in RFC			8078. [GL #1750]5551.	[bug]		named no longer attempts to assign threads to CPUs			outside the CPU affinity set. Thanks to Ole Bj&#248;rn			Hessen. [GL #2245]5550.	[func]		dnssec-signzone and named now log a warning when falling			back to the &quot;increment&quot; SOA serial method. [GL #2058]5545.	[func]		OS support for load-balanced sockets is no longer			required to receive incoming queries in multiple netmgr			threads. [GL #2137]5543.	[bug]		Fix UDP performance issues caused by making netmgr			callbacks asynchronous-only. [GL #2320]5542.	[bug]		Refactor netmgr. [GL #1920] [GL #2034] [GL #2061]			[GL #2194] [GL #2221] [GL #2266] [GL #2283] [GL #2318]			[GL #2321]	--- 9.16.10 released ---5544.	[func]		Restore the default value of &quot;nocookie-udp-size&quot; to 4096			bytes. [GL #2250]5541.	[func]		Adjust the &quot;max-recursion-queries&quot; default from 75 to			100. [GL #2305]5540.	[port]		Fix building with native PKCS#11 support for AEP Keyper.			[GL #2315]5539.	[bug]		Tighten handling of missing DNS COOKIE responses over			UDP by falling back to TCP. [GL #2275]5538.	[func]		Add NSEC3 support to KASP. A new option for			&quot;dnssec-policy&quot;, &quot;nsec3param&quot;, can be used to set the			desired NSEC3 parameters. NSEC3 salt collisions are			automatically prevented during resalting. Salt			generation is now logged with zone context. [GL #1620]5534.	[bug]		The CNAME synthesized from a DNAME was incorrectly			followed when the QTYPE was CNAME or ANY. [GL #2280]	--- 9.16.9 released ---5533.	[func]		Add the &quot;stale-refresh-time&quot; option, a time window that			starts after a failed lookup, during which a stale RRset			is served directly from cache before a new attempt to			refresh it is made. [GL #2066]5530.	[bug]		dnstap did not capture responses to forwarded UPDATE			requests. [GL #2252]5527.	[bug]		A NULL pointer dereference occurred when creating an NTA			recheck query failed. [GL #2244]5525.	[bug]		Change 5503 inadvertently broke cross-compilation by			replacing a call to AC_LINK_IFELSE() with a call to			AC_RUN_IFELSE() in configure.ac.  This has been fixed,			making cross-compilation possible again. [GL #2237]5523.	[bug]		The initial lookup in a zone transitioning to/from a			signed state could fail if the DNSKEY RRset was not			found. [GL #2236]5522.	[bug]		Fixed a race/NULL dereference in TCPDNS send. [GL #2227]5520.	[bug]		Fixed a number of shutdown races, reference counting			errors, and spurious log messages that could occur			in the network manager. [GL #2221]5518.	[bug]		Stub zones now work correctly with primary servers using			&quot;minimal-responses yes&quot;. [GL #1736]5517.	[bug]		Do not treat UV_EOF as a TCP4RecvErr or a TCP6RecvErr.			[GL #2208]	--- 9.16.8 released ---5516.	[func]		The default EDNS buffer size has been changed from 4096			to 1232 bytes. [GL #2183]5515.	[func]		Add &apos;rndc dnssec -rollover&apos; command to trigger a manual			rollover for a specific key. [GL #1749]5514.	[bug]		Fix KASP expected key size for Ed25519 and Ed448.			[GL #2171]5513.	[doc]		The ARM section describing the &quot;rrset-order&quot; statement			was rewritten to make it unambiguous and up-to-date with			the source code. [GL #2139]5512.	[bug]		&quot;rrset-order&quot; rules using &quot;order none&quot; were causing			named to crash despite named-checkconf treating them as			valid. [GL #2139]5511.	[bug]		&apos;dig -u +yaml&apos; failed to display timestamps to the			microsecond. [GL #2190]5510.	[bug]		Implement the attach/detach semantics for dns_message_t			to fix a data race in accessing an already-destroyed			fctx-&gt;rmessage. [GL #2124]5509.	[bug]		filter-aaaa: named crashed upon shutdown if it was in			the process of recursing for A RRsets. [GL #1040]5508.	[func]		Added new parameter &quot;-expired&quot; for &quot;rndc dumpdb&quot; that			also prints expired RRsets (awaiting cleanup) to the			dump file. [GL #1870]5507.	[bug]		Named could compute incorrect SIG(0) responses.			[GL #2109]5506.	[bug]		Properly handle failed sysconf() calls, so we don&apos;t			report invalid memory size. [GL #2166]5505.	[bug]		Updating contents of a mixed-case RPZ could cause some			rules to be ignored. [GL #2169]5503.	[bug]		Cleaned up reference counting of network manager			handles, now using isc_nmhandle_attach() and _detach()			instead of _ref() and _unref(). [GL #2122]	--- 9.16.7 released ---5501.	[func]		Log CDS/CDNSKEY publication. [GL #1748]5500.	[bug]		Fix (non-)publication of CDS and CDNSKEY records.			[GL #2103]5499.	[func]		Add &apos;-P ds&apos; and &apos;-D ds&apos; arguments to dnssec-settime.			[GL #1748]5497.	[bug]		&apos;dig +bufsize=0&apos; failed to disable EDNS. [GL #2054]5496.	[bug]		Address a TSAN report by ensuring each rate limiter			object holds a reference to its task. [GL #2081]5495.	[bug]		With query minimization enabled, named failed to			resolve ip6.arpa. names that had extra labels to the			left of the IPv6 part. [GL #1847]5494.	[bug]		Silence the EPROTO syslog message on older systems.			[GL #1928]5493.	[bug]		Fix off-by-one error when calculating new hash table			size. [GL #2104]5492.	[bug]		Tighten LOC parsing to reject a period (&quot;.&quot;) and/or &quot;m&quot;			as a value. Fix handling of negative altitudes which are			not whole meters. [GL #2074]5491.	[bug]		rbtversion-&gt;glue_table_size could be read without the			appropriate lock being held. [GL #2080]5489.	[bug]		Named erroneously accepted certain invalid resource			records that were incorrectly processed after			subsequently being written to disk and loaded back, as			the wire format differed. Such records include: CERT,			IPSECKEY, NSEC3, NSEC3PARAM, NXT, SIG, TLSA, WKS, and			X25. [GL !3953]5488.	[bug]		NTA code needed to have a weak reference on its			associated view to prevent the latter from being deleted			while NTA tests were being performed. [GL #2067]5486.	[func]		Add &apos;rndc dnssec -checkds&apos; command, which signals to			named that the DS record for a given zone or key has			been updated in the parent zone. [GL #1613]	--- 9.16.6 released ---5484.	[func]		Expire zero TTL records quickly rather than using them			for stale answers. [GL #1829]5483.	[func]		A new configuration option &quot;stale-cache-enable&quot; has been			introduced to enable or disable keeping stale answers in			cache. [GL #1712]5482.	[bug]		If the Duplicate Address Detection (DAD) mechanism had			not yet finished after adding a new IPv6 address to the			system, BIND 9 would fail to bind to IPv6 addresses in a			tentative state. [GL #2038]5481.	[security]	&quot;update-policy&quot; rules of type &quot;subdomain&quot; were			incorrectly treated as &quot;zonesub&quot; rules, which allowed			keys used in &quot;subdomain&quot; rules to update names outside			of the specified subdomains. The problem was fixed by			making sure &quot;subdomain&quot; rules are again processed as			described in the ARM. (CVE-2020-8624) [GL #2055]5480.	[security]	When BIND 9 was compiled with native PKCS#11 support, it			was possible to trigger an assertion failure in code			determining the number of bits in the PKCS#11 RSA public			key with a specially crafted packet. (CVE-2020-8623)			[GL #2037]5479.	[security]	named could crash in certain query resolution scenarios			where QNAME minimization and forwarding were both			enabled. (CVE-2020-8621) [GL #1997]5478.	[security]	It was possible to trigger an assertion failure by			sending a specially crafted large TCP DNS message.			(CVE-2020-8620) [GL #1996]5477.	[bug]		The idle timeout for connected TCP sockets, which was			previously set to a high fixed value, is now derived			from the client query processing timeout configured for			a resolver. [GL #2024]5476.	[security]	It was possible to trigger an assertion failure when			verifying the response to a TSIG-signed request.			(CVE-2020-8622) [GL #2028]5475.	[bug]		Wildcard RPZ passthru rules could incorrectly be			overridden by other rules that were loaded from RPZ			zones which appeared later in the &quot;response-policy&quot;			statement. This has been fixed. [GL #1619]5474.	[bug]		dns_rdata_hip_next() failed to return ISC_R_NOMORE			when it should have. [GL !3880]5473.	[func]		The RBT hash table implementation has been changed			to use a faster hash function (HalfSipHash2-4) and			Fibonacci hashing for better distribution. Setting			&quot;max-cache-size&quot; now preallocates a fixed-size hash			table so that rehashing does not cause resolution			brownouts while the hash table is grown. [GL #1775]5471.	[bug]		The introduction of KASP support inadvertently caused			the second field of &quot;sig-validity-interval&quot; to always be			calculated in hours, even in cases when it should have			been calculated in days. This has been fixed. (Thanks to			Tony Finch.) [GL !3735]5469.	[port]		On illumos, a constant called SEC is already defined in			&lt;sys/time.h&gt;, which conflicts with an identically named			constant in libbind9. This conflict has been resolved.			[GL #1993]5468.	[bug]		Addressed potential double unlock in process_fd().			[GL #2005]5466.	[bug]		Addressed an error in recursive clients stats reporting.			[GL #1719]5465.	[func]		Added fallback to built-in trust-anchors, managed-keys,			or trusted-keys if the bindkeys-file (bind.keys) cannot			be parsed. [GL #1235]5464.	[bug]		Requesting more than 128 files to be saved when rolling			dnstap log files caused a buffer overflow. This has been			fixed. [GL #1989]5462.	[bug]		Move LMDB locking from LMDB itself to named. [GL #1976]5461.	[bug]		The STALE rdataset header attribute was updated while			the write lock was not being held, leading to incorrect			statistics. The header attributes are now converted to			use atomic operations. [GL #1475]

            List of files:
            /netbsd-src/external/mpl/bind/dist/install-sh</description>
        <pubDate>Fri, 19 Feb 2021 16:37:01 +0000</pubDate>
        <dc:creator>christos &lt;christos@NetBSD.org&gt;</dc:creator>
    </item>
<item>
        <title>d68c78b834318f3cdeb8c90886a00d333bac01ff - Import bind-9.12.2-P2 since bind-9.10 (the last BSD version) is</title>
        <link>http://src.rcs.uwaterloo.ca:8080/source/history/netbsd-src/external/mpl/bind/dist/install-sh#d68c78b834318f3cdeb8c90886a00d333bac01ff</link>
        <description>Import bind-9.12.2-P2 since bind-9.10 (the last BSD version) isnow out of support.  The changes since our last version imported(9.10.7) version are too big to include inline here; please consultthe CHANGES file in this directory.

            List of files:
            /netbsd-src/external/mpl/bind/dist/install-sh</description>
        <pubDate>Sun, 12 Aug 2018 12:06:53 +0000</pubDate>
        <dc:creator>christos &lt;christos@NetBSD.org&gt;</dc:creator>
    </item>
</channel>
</rss>
