diff --git a/.gitignore b/.gitignore index 9e7b199..53e2222 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /config-8.tar.bz2 /bind-9.7.3.tar.gz /bind-9.7.4b1.tar.gz +/bind-9.7.4.tar.gz diff --git a/bind.spec b/bind.spec index a5f2399..fe1fc2a 100644 --- a/bind.spec +++ b/bind.spec @@ -4,9 +4,9 @@ #%define PATCHVER P3 #%define VERSION %{version}-%{PATCHVER} -#%define VERSION %{version} -%define PREVER b1 -%define VERSION %{version}%{PREVER} +#%define PREVER b1 +#%define VERSION %{version}%{PREVER} +%define VERSION %{version} %{?!SDB: %define SDB 1} %{?!test: %define test 0} @@ -21,7 +21,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.7.4 -Release: 0.3.%{PREVER}%{?dist} +Release: 1%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -58,8 +58,6 @@ Patch107:bind97-dist-pkcs11.patch Patch109:bind97-rh478718.patch Patch110:bind97-rh570851.patch Patch112:bind97-rh645544.patch -Patch113:bind97-CVE-2011-1910.patch -Patch114:bind97-CVE-2011-2464.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -243,8 +241,6 @@ mkdir m4 %patch109 -p1 -b .rh478718 %patch110 -p1 -b .rh570851 %patch112 -p1 -b .rh645544 -%patch113 -p1 -b .CVE-2011-1910 -%patch114 -p1 -b .CVE-2011-2464 # Sparc and s390 arches need to use -fPIE %ifarch sparcv9 sparc64 s390 s390x @@ -680,6 +676,11 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Tue Aug 02 2011 Adam Tkac 32:9.7.4-1 +- update to 9.7.4 + - bind97-CVE-2011-1910.patch merged + - bind97-CVE-2011-2464.patch merged + * Wed Jul 06 2011 Adam Tkac 32:9.7.4-0.3.b1 - fix CVE-2011-2464 diff --git a/bind97-CVE-2011-1910.patch b/bind97-CVE-2011-1910.patch deleted file mode 100644 index 42a3076..0000000 --- a/bind97-CVE-2011-1910.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-1910 bind-9.7.4b1/lib/dns/ncache.c ---- bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-1910 2011-05-27 12:02:51.185764809 +0200 -+++ bind-9.7.4b1/lib/dns/ncache.c 2011-05-27 12:03:01.599764788 +0200 -@@ -186,7 +186,7 @@ dns_ncache_addoptout(dns_message_t *mess - */ - isc_buffer_availableregion(&buffer, - &r); -- if (r.length < 2) -+ if (r.length < 3) - return (ISC_R_NOSPACE); - isc_buffer_putuint16(&buffer, - rdataset->type); diff --git a/bind97-CVE-2011-2464.patch b/bind97-CVE-2011-2464.patch deleted file mode 100644 index ffc7681..0000000 --- a/bind97-CVE-2011-2464.patch +++ /dev/null @@ -1,402 +0,0 @@ -diff -up bind-9.7.4b1/lib/dns/include/dns/rdataset.h.CVE-2011-2464 bind-9.7.4b1/lib/dns/include/dns/rdataset.h ---- bind-9.7.4b1/lib/dns/include/dns/rdataset.h.CVE-2011-2464 2010-02-25 06:25:53.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/include/dns/rdataset.h 2011-07-06 22:21:24.757733118 +0200 -@@ -203,6 +203,7 @@ struct dns_rdataset { - #define DNS_RDATASETATTR_RESIGN 0x00040000 - #define DNS_RDATASETATTR_CLOSEST 0x00080000 - #define DNS_RDATASETATTR_OPTOUT 0x00100000 /*%< OPTOUT proof */ -+#define DNS_RDATASETATTR_NEGATIVE 0x00200000 - - /*% - * _OMITDNSSEC: -diff -up bind-9.7.4b1/lib/dns/masterdump.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/masterdump.c ---- bind-9.7.4b1/lib/dns/masterdump.c.CVE-2011-2464 2011-03-18 10:07:02.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/masterdump.c 2011-07-06 22:22:43.675723422 +0200 -@@ -410,6 +410,7 @@ rdataset_totext(dns_rdataset_t *rdataset - isc_uint32_t current_ttl; - isc_boolean_t current_ttl_valid; - dns_rdatatype_t type; -+ unsigned int type_start; - - REQUIRE(DNS_RDATASET_VALID(rdataset)); - -@@ -491,29 +492,26 @@ rdataset_totext(dns_rdataset_t *rdataset - * Type. - */ - -- if (rdataset->type == 0) { -+ if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - type = rdataset->covers; - } else { - type = rdataset->type; - } - -- { -- unsigned int type_start; -- INDENT_TO(type_column); -- type_start = target->used; -- if (rdataset->type == 0) -- RETERR(str_totext("\\-", target)); -- result = dns_rdatatype_totext(type, target); -- if (result != ISC_R_SUCCESS) -- return (result); -- column += (target->used - type_start); -- } -+ INDENT_TO(type_column); -+ type_start = target->used; -+ if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) -+ RETERR(str_totext("\\-", target)); -+ result = dns_rdatatype_totext(type, target); -+ if (result != ISC_R_SUCCESS) -+ return (result); -+ column += (target->used - type_start); - - /* - * Rdata. - */ - INDENT_TO(rdata_column); -- if (rdataset->type == 0) { -+ if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - if (NXDOMAIN(rdataset)) - RETERR(str_totext(";-$NXDOMAIN\n", target)); - else -@@ -899,7 +897,7 @@ dump_rdatasets_text(isc_mem_t *mctx, dns - sizeof(trustnames[0]))); - fprintf(f, "; %s\n", trustnames[trust]); - } -- if (rds->type == 0 && -+ if (((rds->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) && - (ctx->style.flags & DNS_STYLEFLAG_NCACHE) == 0) { - /* Omit negative cache entries */ - } else { -@@ -1064,7 +1062,7 @@ dump_rdatasets_raw(isc_mem_t *mctx, dns_ - dns_rdataset_init(&rdataset); - dns_rdatasetiter_current(rdsiter, &rdataset); - -- if (rdataset.type == 0 && -+ if (((rdataset.attributes & DNS_RDATASETATTR_NEGATIVE) != 0) && - (ctx->style.flags & DNS_STYLEFLAG_NCACHE) == 0) { - /* Omit negative cache entries */ - } else { -diff -up bind-9.7.4b1/lib/dns/message.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/message.c ---- bind-9.7.4b1/lib/dns/message.c.CVE-2011-2464 2011-03-12 05:58:28.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/message.c 2011-07-06 22:21:24.760733118 +0200 -@@ -2515,7 +2515,7 @@ dns_message_peekheader(isc_buffer_t *sou - - isc_result_t - dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { -- unsigned int first_section; -+ unsigned int clear_after; - isc_result_t result; - - REQUIRE(DNS_MESSAGE_VALID(msg)); -@@ -2527,15 +2527,15 @@ dns_message_reply(dns_message_t *msg, is - msg->opcode != dns_opcode_notify) - want_question_section = ISC_FALSE; - if (msg->opcode == dns_opcode_update) -- first_section = DNS_SECTION_ADDITIONAL; -+ clear_after = DNS_SECTION_PREREQUISITE; - else if (want_question_section) { - if (!msg->question_ok) - return (DNS_R_FORMERR); -- first_section = DNS_SECTION_ANSWER; -+ clear_after = DNS_SECTION_ANSWER; - } else -- first_section = DNS_SECTION_QUESTION; -+ clear_after = DNS_SECTION_QUESTION; - msg->from_to_wire = DNS_MESSAGE_INTENTRENDER; -- msgresetnames(msg, first_section); -+ msgresetnames(msg, clear_after); - msgresetopt(msg); - msgresetsigs(msg, ISC_TRUE); - msginitprivate(msg); -diff -up bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/ncache.c ---- bind-9.7.4b1/lib/dns/ncache.c.CVE-2011-2464 2011-07-06 22:21:24.754733118 +0200 -+++ bind-9.7.4b1/lib/dns/ncache.c 2011-07-06 22:21:24.761733118 +0200 -@@ -294,6 +294,7 @@ dns_ncache_addoptout(dns_message_t *mess - RUNTIME_CHECK(dns_rdatalist_tordataset(&ncrdatalist, &ncrdataset) - == ISC_R_SUCCESS); - ncrdataset.trust = trust; -+ ncrdataset.attributes |= DNS_RDATASETATTR_NEGATIVE; - if (message->rcode == dns_rcode_nxdomain) - ncrdataset.attributes |= DNS_RDATASETATTR_NXDOMAIN; - if (optout) -@@ -324,6 +325,7 @@ dns_ncache_towire(dns_rdataset_t *rdatas - - REQUIRE(rdataset != NULL); - REQUIRE(rdataset->type == 0); -+ REQUIRE((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); - - savedbuffer = *target; - count = 0; -@@ -552,6 +554,7 @@ dns_ncache_getrdataset(dns_rdataset_t *n - - REQUIRE(ncacherdataset != NULL); - REQUIRE(ncacherdataset->type == 0); -+ REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); - REQUIRE(name != NULL); - REQUIRE(!dns_rdataset_isassociated(rdataset)); - REQUIRE(type != dns_rdatatype_rrsig); -@@ -628,6 +631,7 @@ dns_ncache_getsigrdataset(dns_rdataset_t - - REQUIRE(ncacherdataset != NULL); - REQUIRE(ncacherdataset->type == 0); -+ REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); - REQUIRE(name != NULL); - REQUIRE(!dns_rdataset_isassociated(rdataset)); - -@@ -727,6 +731,7 @@ dns_ncache_current(dns_rdataset_t *ncach - - REQUIRE(ncacherdataset != NULL); - REQUIRE(ncacherdataset->type == 0); -+ REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); - REQUIRE(found != NULL); - REQUIRE(!dns_rdataset_isassociated(rdataset)); - -diff -up bind-9.7.4b1/lib/dns/nsec3.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/nsec3.c ---- bind-9.7.4b1/lib/dns/nsec3.c.CVE-2011-2464 2011-03-12 05:58:28.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/nsec3.c 2011-07-06 22:21:24.762733118 +0200 -@@ -1579,7 +1579,7 @@ dns_nsec3_delnsec3s(dns_db_t *db, dns_db - - isc_result_t - dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, -- dns_rdatatype_t type, dns_diff_t *diff) -+ dns_rdatatype_t privatetype, dns_diff_t *diff) - { - dns_dbnode_t *node = NULL; - dns_rdata_nsec3param_t nsec3param; -@@ -1624,9 +1624,9 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_d - dns_rdataset_disassociate(&rdataset); - - try_private: -- if (type == 0) -+ if (privatetype == 0) - goto success; -- result = dns_db_findrdataset(db, node, version, type, 0, 0, -+ result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, - &rdataset, NULL); - if (result == ISC_R_NOTFOUND) - goto success; -@@ -1681,7 +1681,7 @@ dns_nsec3_active(dns_db_t *db, dns_dbver - - isc_result_t - dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, -- isc_boolean_t complete, dns_rdatatype_t type, -+ isc_boolean_t complete, dns_rdatatype_t privatetype, - isc_boolean_t *answer) - { - dns_dbnode_t *node = NULL; -@@ -1730,11 +1730,11 @@ dns_nsec3_activex(dns_db_t *db, dns_dbve - *answer = ISC_FALSE; - - try_private: -- if (type == 0 || complete) { -+ if (privatetype == 0 || complete) { - *answer = ISC_FALSE; - return (ISC_R_SUCCESS); - } -- result = dns_db_findrdataset(db, node, version, type, 0, 0, -+ result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, - &rdataset, NULL); - - dns_db_detachnode(db, &node); -diff -up bind-9.7.4b1/lib/dns/rbtdb.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/rbtdb.c ---- bind-9.7.4b1/lib/dns/rbtdb.c.CVE-2011-2464 2011-03-11 08:11:58.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/rbtdb.c 2011-07-06 22:21:24.766733118 +0200 -@@ -278,6 +278,7 @@ typedef ISC_LIST(dns_rbtnode_t) - #define RDATASET_ATTR_RESIGN 0x0020 - #define RDATASET_ATTR_STATCOUNT 0x0040 - #define RDATASET_ATTR_OPTOUT 0x0080 -+#define RDATASET_ATTR_NEGATIVE 0x0100 - - typedef struct acache_cbarg { - dns_rdatasetadditional_t type; -@@ -316,6 +317,8 @@ struct acachectl { - (((header)->attributes & RDATASET_ATTR_RESIGN) != 0) - #define OPTOUT(header) \ - (((header)->attributes & RDATASET_ATTR_OPTOUT) != 0) -+#define NEGATIVE(header) \ -+ (((header)->attributes & RDATASET_ATTR_NEGATIVE) != 0) - - #define DEFAULT_NODE_LOCK_COUNT 7 /*%< Should be prime. */ - -@@ -698,11 +701,13 @@ update_rrsetstats(dns_rbtdb_t *rbtdb, rd - /* At the moment we count statistics only for cache DB */ - INSIST(IS_CACHE(rbtdb)); - -- if (NXDOMAIN(header)) -- statattributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; -- else if (RBTDB_RDATATYPE_BASE(header->type) == 0) { -- statattributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET; -- base = RBTDB_RDATATYPE_EXT(header->type); -+ if (NEGATIVE(header)) { -+ if (NXDOMAIN(header)) -+ statattributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; -+ else { -+ statattributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET; -+ base = RBTDB_RDATATYPE_EXT(header->type); -+ } - } else - base = RBTDB_RDATATYPE_BASE(header->type); - -@@ -2760,6 +2765,8 @@ bind_rdataset(dns_rbtdb_t *rbtdb, dns_rb - rdataset->covers = RBTDB_RDATATYPE_EXT(header->type); - rdataset->ttl = header->rdh_ttl - now; - rdataset->trust = header->trust; -+ if (NEGATIVE(header)) -+ rdataset->attributes |= DNS_RDATASETATTR_NEGATIVE; - if (NXDOMAIN(header)) - rdataset->attributes |= DNS_RDATASETATTR_NXDOMAIN; - if (OPTOUT(header)) -@@ -4793,7 +4800,7 @@ cache_find(dns_db_t *db, dns_name_t *nam - *nodep = node; - } - -- if (RBTDB_RDATATYPE_BASE(found->type) == 0) { -+ if (NEGATIVE(found)) { - /* - * We found a negative cache entry. - */ -@@ -5465,7 +5472,7 @@ cache_findrdataset(dns_db_t *db, dns_dbn - if (found == NULL) - return (ISC_R_NOTFOUND); - -- if (RBTDB_RDATATYPE_BASE(found->type) == 0) { -+ if (NEGATIVE(found)) { - /* - * We found a negative cache entry. - */ -@@ -5676,7 +5683,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *r - negtype = 0; - if (rbtversion == NULL && !newheader_nx) { - rdtype = RBTDB_RDATATYPE_BASE(newheader->type); -- if (rdtype == 0) { -+ if (NEGATIVE(newheader)) { - /* - * We're adding a negative cache entry. - */ -@@ -6218,6 +6225,8 @@ addrdataset(dns_db_t *db, dns_dbnode_t * - } else { - newheader->serial = 1; - newheader->resign = 0; -+ if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) -+ newheader->attributes |= RDATASET_ATTR_NEGATIVE; - if ((rdataset->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) - newheader->attributes |= RDATASET_ATTR_NXDOMAIN; - if ((rdataset->attributes & DNS_RDATASETATTR_OPTOUT) != 0) -@@ -7916,7 +7925,7 @@ rdatasetiter_next(dns_rdatasetiter_t *it - - type = header->type; - rdtype = RBTDB_RDATATYPE_BASE(header->type); -- if (rdtype == 0) { -+ if (NEGATIVE(header)) { - covers = RBTDB_RDATATYPE_EXT(header->type); - negtype = RBTDB_RDATATYPE_VALUE(covers, 0); - } else -diff -up bind-9.7.4b1/lib/dns/rdataset.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/rdataset.c ---- bind-9.7.4b1/lib/dns/rdataset.c.CVE-2011-2464 2011-03-12 05:58:28.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/rdataset.c 2011-07-06 22:21:24.768733118 +0200 -@@ -324,7 +324,7 @@ towiresorted(dns_rdataset_t *rdataset, c - count = 1; - result = dns_rdataset_first(rdataset); - INSIST(result == ISC_R_NOMORE); -- } else if (rdataset->type == 0) { -+ } else if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - /* - * This is a negative caching rdataset. - */ -diff -up bind-9.7.4b1/lib/dns/resolver.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/resolver.c ---- bind-9.7.4b1/lib/dns/resolver.c.CVE-2011-2464 2011-07-06 22:21:24.750733118 +0200 -+++ bind-9.7.4b1/lib/dns/resolver.c 2011-07-06 22:21:24.771733118 +0200 -@@ -426,6 +426,7 @@ struct dns_resolver { - FCTX_ADDRINFO_TRIED) != 0) - - #define NXDOMAIN(r) (((r)->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) -+#define NEGATIVE(r) (((r)->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) - - static void destroy(dns_resolver_t *res); - static void empty_bucket(dns_resolver_t *res); -@@ -1050,7 +1051,7 @@ fctx_sendevents(fetchctx_t *fctx, isc_re - * Negative results must be indicated in event->result. - */ - if (dns_rdataset_isassociated(event->rdataset) && -- event->rdataset->type == dns_rdatatype_none) { -+ NEGATIVE(event->rdataset)) { - INSIST(event->result == DNS_R_NCACHENXDOMAIN || - event->result == DNS_R_NCACHENXRRSET); - } -@@ -4218,7 +4219,7 @@ validated(isc_task_t *task, isc_event_t - if (result != ISC_R_SUCCESS && - result != DNS_R_UNCHANGED) - goto noanswer_response; -- if (ardataset != NULL && ardataset->type == 0) { -+ if (ardataset != NULL && NEGATIVE(ardataset)) { - if (NXDOMAIN(ardataset)) - eresult = DNS_R_NCACHENXDOMAIN; - else -@@ -4542,7 +4543,7 @@ cache_name(fetchctx_t *fctx, dns_name_t - result = ISC_R_SUCCESS; - if (!need_validation && - ardataset != NULL && -- ardataset->type == 0) { -+ NEGATIVE(ardataset)) { - /* - * The answer in the cache is - * better than the answer we -@@ -4672,7 +4673,7 @@ cache_name(fetchctx_t *fctx, dns_name_t - if (result == DNS_R_UNCHANGED) { - if (ANSWER(rdataset) && - ardataset != NULL && -- ardataset->type == 0) { -+ NEGATIVE(ardataset)) { - /* - * The answer in the cache is better - * than the answer we found, and is -@@ -4702,7 +4703,7 @@ cache_name(fetchctx_t *fctx, dns_name_t - * Negative results must be indicated in event->result. - */ - if (dns_rdataset_isassociated(event->rdataset) && -- event->rdataset->type == dns_rdatatype_none) { -+ NEGATIVE(event->rdataset)) { - INSIST(eresult == DNS_R_NCACHENXDOMAIN || - eresult == DNS_R_NCACHENXRRSET); - } -@@ -4782,7 +4783,7 @@ ncache_adderesult(dns_message_t *message - * care about whether it is DNS_R_NCACHENXDOMAIN or - * DNS_R_NCACHENXRRSET then extract it. - */ -- if (ardataset->type == 0) { -+ if (NEGATIVE(ardataset)) { - /* - * The cache data is a negative cache entry. - */ -diff -up bind-9.7.4b1/lib/dns/validator.c.CVE-2011-2464 bind-9.7.4b1/lib/dns/validator.c ---- bind-9.7.4b1/lib/dns/validator.c.CVE-2011-2464 2011-03-11 08:11:59.000000000 +0100 -+++ bind-9.7.4b1/lib/dns/validator.c 2011-07-06 22:21:24.774733118 +0200 -@@ -129,6 +129,8 @@ - #define SHUTDOWN(v) (((v)->attributes & VALATTR_SHUTDOWN) != 0) - #define CANCELED(v) (((v)->attributes & VALATTR_CANCELED) != 0) - -+#define NEGATIVE(r) (((r)->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) -+ - static void - destroy(dns_validator_t *val); - -@@ -735,7 +737,7 @@ dsvalidated(isc_task_t *task, isc_event_ - name = dns_fixedname_name(&val->fname); - if ((val->attributes & VALATTR_INSECURITY) != 0 && - val->frdataset.covers == dns_rdatatype_ds && -- val->frdataset.type == 0 && -+ NEGATIVE(&val->frdataset) && - isdelegation(name, &val->frdataset, DNS_R_NCACHENXRRSET)) { - if (val->mustbesecure) { - validator_log(val, ISC_LOG_WARNING, -@@ -4030,7 +4032,7 @@ validator_start(isc_task_t *task, isc_ev - val->attributes |= VALATTR_NEEDNODATA; - result = nsecvalidate(val, ISC_FALSE); - } else if (val->event->rdataset != NULL && -- val->event->rdataset->type == 0) -+ NEGATIVE(val->event->rdataset)) - { - /* - * This is a nonexistence validation. diff --git a/sources b/sources index 2e3140e..992f494 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -dc9187ef930385a68ab8d5553af78987 bind-9.7.4b1.tar.gz +cdf41397389abddb76a117c8e9b7d1dd bind-9.7.4.tar.gz 76857526420dc8e153ad688aeb5a2c4b config-8.tar.bz2