subtree updates

poky: ddb298ce89..fc25449687:
  Alex Kiernan (1):
        rust: Upgrade 1.68.1 -> 1.68.2

  Alexander Kanavin (5):
        selftest/distrodata: clean up exception lists in recipe maintainers test
        dhcpcd: use git instead of tarballs
        perl: patch out build paths from native binaries
        libgcrypt: update 1.10.1 -> 1.10.2
        rpm: update 4.18.0 -> 4.18.1

  Andrew Jeffery (1):
        Revert "ipk: Decode byte data to string in manifest handling"

  Archana Polampalli (1):
        git: ignore CVE-2023-25815

  Arslan Ahmad (1):
        kernel-fitimage: Fix the default dtb config check

  Bruce Ashfield (9):
        kernel: improve initramfs bundle processing time
        yocto-bsps: update to v5.15.106
        linux-yocto/5.15: update to v5.15.109
        linux-yocto/5.15: update to v5.15.110
        linux-yocto/5.15: update to v5.15.111
        linux-yocto/5.15: update to v5.15.112
        linux-yocto/5.15: update to v5.15.113
        kernel: don't force PAHOLE=false
        linux-yocto: move build / debug dependencies to .inc

  Chen Qi (1):
        staging.bbclass: do not add extend_recipe_sysroot to prefuncs of prepare_recipe_sysroot

  Chi Xu (1):
        expect: Add ptest support

  Daniel Ammann (1):
        overview-manual: concepts.rst: Fix a typo

  Deepthi Hemraj (1):
        binutils: stable 2.40 branch updates

  Denys Dmytriyenko (1):
        xz: upgrade 5.4.2 -> 5.4.3

  Dmitry Baryshkov (1):
        linux-firmware: upgrade 20230210 -> 20230404

  Eero Aaltonen (1):
        avahi: fix D-Bus introspection

  Enrico Jörns (1):
        package_manager/ipk: fix config path generation in _create_custom_config()

  Jan Vermaete (1):
        cve-update-nvd2-native: added the missing http import

  Joe Slater (1):
        ghostscript: fix CVE-2023-28879

  Johannes Schrimpf (1):
        python3targetconfig.bbclass: Extend PYTHONPATH instead of overwriting

  Kai Kang (1):
        libnotify: remove dependency dbus

  Khem Raj (10):
        cargo: Fix build on musl/riscv
        gawk: Disable known ptest fails on musl
        gawk: Remove redundant patch
        gawk: Add skipped.txt to emit test to ignore
        libxml2: Disable icu tests on musl
        quilt: Fix merge.test race condition
        piglit: Fix c++11-narrowing warnings in tests
        cpio: Run ptests under ptest user
        go: Upgrade 1.20.1 -> 1.20.4
        go: Use -no-pie to build target cgo

  Lee Chee Yang (3):
        release-notes-4.2: update known issues and Repositories/Downloads
        migration-guides: add release-notes for 4.1.4
        migration-guides: add release notes for 4.2.1

  Lorenzo Arena (1):
        conf: add nice level to the hash config ignred variables

  Luca Ceresoli (2):
        ref-manual: classes: kernel: remove incorrect sentence opening
        ref-manual: classes: kernel: document automatic defconfig usage

  Markus Volk (1):
        gtk4: update 4.10.0 -> 4.10.3

  Martin Jansa (7):
        populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override
        populate_sdk_ext.bbclass: redirect stderr to stdout so that both end in LOGFILE
        populate_sdk_base.bbclass: respect MLPREFIX for ptest-pkgs's ptest-runner
        binutils: package static libs from gprofng
        go.bbclass: don't use test to check output from ls
        image-live.bbclass: respect IMAGE_MACHINE_SUFFIX
        rpm: drop unused 0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch

  Martin Siegumfeldt (1):
        systemd-systemctl: fix instance template WantedBy symlink construction

  Michael Halstead (2):
        uninative: Upgrade to 3.10 to support gcc 13
        uninative: Upgrade to 4.0 to include latest gcc 13.1.1

  Michael Opdenacker (2):
        migration-guides: release-notes-4.2: add doc improvement highlights
        releases.svg: fix and explain duration of Hardknott 3.3

  Mikko Rapeli (1):
        qemurunner: avoid leaking server_socket

  Ming Liu (1):
        weston: add xwayland to DEPENDS for PACKAGECONFIG xwayland

  Otavio Salvador (1):
        mesa: 23.0.2 -> 23.0.3

  Pablo Saavedra (1):
        gstreamer1.0: upgrade 1.22.0 -> 1.22.2

  Paul Gortmaker (1):
        scripts: fix buildstats diff/summary hard bound to host python3

  Pavel Zhukov (1):
        lib/terminal.py: Add urxvt terminal

  Pawan Badganchi (1):
        tiff: Add fix for CVE-2022-4645

  Peter Bergin (1):
        update-alternatives.bbclass: fix old override syntax

  Peter Kjellerstedt (3):
        license.bbclass: Include LICENSE in the output when it fails to parse
        musl: Correct SRC_URI
        xf86-video-intel: Use the HTTPS protocol to fetch the Git repositories

  Piotr Łobacz (1):
        libarchive: Enable acls, xattr for native as well as target

  Qiu Tingting (2):
        e2fsprogs: fix ptest bug for second running
        e2fsprogs: Fix error SRCDIR when using usrmerge DISTRO_FEATURES

  Randy MacLeod (1):
        vim: upgrade 9.0.1429 -> 9.0.1527

  Ranjitsinh Rathod (2):
        libbsd: Add correct license for all packages
        kmscube: Correct DEPENDS to avoid overwrite

  Richard Purdie (8):
        qemu: Add fix for powerpc instruction fallback issue
        qemu: Update ppc instruction fix to match revised upstream version
        glib-networking: Add test retry to avoid failures
        glib-networking: Correct glib error handling in test patch
        maintainers.inc: Fix email address typo
        maintainers.inc: Move repo to unassigned
        recipes: Default to https git protocol where possible
        selftest/reproducible: Allow native/cross reuse in test

  Ross Burton (5):
        connman: backport fix for CVE-2023-28488
        cpio: fix appending to archives larger than 2GB
        machine/qemuarm*: don't explicitly set vmalloc
        gdb: fix crashes when debugging threads with Arm Pointer Authentication enabled
        meta: depend on autoconf-archive-native, not autoconf-archive

  Steve Sakoman (3):
        Revert "xserver-xorg: backport fix for CVE-2023-1393"
        poky.conf: bump version for 4.2.1 release
        build-appliance-image: Update to mickledore head revision

  Sudip Mukherjee (4):
        libxfixes: Upgrade to v6.0.1
        xwininfo: upgrade to v1.1.6
        xinput: upgrade to v1.6.4
        libxi: upgrade to v1.8.1

  Thomas Roos (3):
        oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set
        oeqa/selftest/cases/devtool.py: skip all tests require folder a git repo
        oeqa: adding selftest-hello and use it to speed up tests

  Tim Orling (1):
        libmodule-build-perl: upgrade 0.4232 -> 0.4234

  Tom Hochstein (1):
        piglit: Add missing glslang dependencies

  Ulrich Ölmann (1):
        ref-manual: classes.rst: fix typo

  Upgrade Helper (1):
        waffle: upgrade 1.7.0 -> 1.7.2

  Virendra Thakur (1):
        qemu: Whitelist CVE-2023-0664

  Wang Mingyu (18):
        apr: upgrade 1.7.2 -> 1.7.3
        bind: upgrade 9.18.12 -> 9.18.13
        cracklib: upgrade 2.9.10 -> 2.9.11
        libhandy: upgrade 1.8.1 -> 1.8.2
        libpcap: upgrade 1.10.3 -> 1.10.4
        libsdl2: upgrade 2.26.3 -> 2.26.5
        mpg123: upgrade 1.31.2 -> 1.31.3
        man-pages: upgrade 6.03 -> 6.04
        mtools: upgrade 4.0.42 -> 4.0.43
        pango: upgrade 1.50.13 -> 1.50.14
        ruby: upgrade 3.2.1 -> 3.2.2
        texinfo: upgrade 7.0.2 -> 7.0.3
        wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
        xserver-xorg: upgrade 21.1.7 -> 21.1.8
        xwayland: upgrade 22.1.8 -> 23.1.1
        vala: upgrade 0.56.4 -> 0.56.6
        mesa: upgrade 23.0.0 -> 23.0.2
        iso-codes: upgrade 4.13.0 -> 4.15.0

  Xiangyu Chen (1):
        sysstat: Fix CVE-2023-33204

  Yoann Congal (1):
        cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829

  Zhixiong Chi (1):
        libpam: Fix the xtests/tst-pam_motd[1|3] failures

  bkylerussell@gmail.com (1):
        kernel-devsrc: depend on python3-core instead of python3

  hen Qi (1):
        unfs3: fix symlink time setting issue

  nikhil (1):
        tiff: Remove unused patch from tiff

meta-raspberrypi: bf948e0aa8..aa0aed9a08:
  Florin Sarbu (1):
        udev-rules-rpi: Use 99-com.rules directly from upstream

  Martin Jansa (3):
        rpi-libcamera-apps: fix flags used in aarch64 builds
        rpi-libcamera-apps: fix version generation on hosts with older python
        rpi-libcamera-apps: bump to latest SRCREV and set PV

meta-openembedded: 2d89a469e5..9286582126:
  Alexander Amelkin (1):
        ipmitool: Update links

  Arsalan H. Awan (1):
        meta-networking/licenses/netperf: remove unused license

  Bartosz Golaszewski (2):
        python3-gpiod: add missing run-time dependencies
        libgpiod: install the libgpiosim header

  Bergin, Peter (1):
        freediameter: fix typo and old overide syntax

  Bhargav Das (2):
        tslib: Add native & nativestdk package support
        pointercal: Add native & nativestdk package support

  Changqing Li (1):
        redis: upgrade 6.2.11 -> 6.2.12

  Chen Qi (1):
        frr: add CVE_PRODUCT

  Jasper Orschulko (1):
        python3-gcovr: Add missing runtime dependency

  Joe Slater (1):
        bats: use baselib

  Khem Raj (48):
        fwupd: Do not emit build time paths into generated headers
        libcereal: Fix TMPDIR leaking into debug_str section
        libtimezonemap: Point to a working SRC_URI
        unixODBC: Update SRC_URI to use updated location of tarball
        unicode-ucd: Update license URI to reflect renamed license
        libx86: Point to working SRC_URI
        ctapi-common: Point to working SRC_URI locations
        netkit-ftp: Update to debian patch 34
        nicstat: Use SOURCEFORGE_MIRROR in SRC_URI
        rp-pppoe: Point SRC_URI to valid location
        ttf-mplus: Point to valid download location for SRC_URI
        ttf-lklug: Point SRC_URI to a working location
        radiusclient-ng: Point SRC_URI to archive.ubuntu.com
        httpfs2: Do not use S during compile/install tasks
        p910nd: Switch to using github for SRC_URI
        mosh: Point SRC_URI to https://mosh.org/
        debootstrap: Update SRC_URI to point to valid URL
        debootstrap: Use DEBIAN_MIRROR for SRC_URI
        ttf-gentium: Switch to debian archive mirror for SRC_URI
        nfacct: Update SRC_URI to point to valid URL
        libencode-perl: Remove buildpaths from generated .exh files
        enca: Remove buildpaths from target scripts
        libirecovery: Add missing build dependency on readline
        fftw: Remove hardcoded sysroot into binaries
        lmdb: Pass CFLAGS to Makefile
        php: Remove buildpaths from scripts and generated headers
        uw-imap: Pass CFLAGS from environment
        libmad: Add a patch to pass cflags to build
        libpeas: Fix reference to TMPDIR in tests
        lirc: Define SH_PATH=/bin/sh
        mce-inject: Pass CFLAGS to make
        nbdkit: Remove buildpaths from binaries
        mpv: Remove references to builddir from mpv binary
        libnice: Remove buildpaths from binaries
        curlpp: Remove references to buildpaths e.g. TMPDIR
        unbound: Remove references to buildpaths
        uml-utilities: Fix references to TMPDIR
        openct: Fix buildpaths being emitted into generated types.h
        minifi-cpp: Remove references to buildpaths in generated files
        freerdp: Fix reference to TMPDIR in libfreerdp2.so
        nautilus: Fix buildpath QA errors
        cgdb: Fix buildpaths emitted into cgdb binary
        ibus: Point python interpreter to target location
        gimp: Fix buildpaths in binaries and scripts
        libgphoto2: Edit out sysroot from CC variable in configure
        vlan: Pass CFLAGS via CCFLAGS
        sgpio: Pass CFLAGS to make
        x265: Pass --debug-prefix-map to nasm

  Markus Volk (1):
        polkit: update SRC_URI

  Martin Jansa (16):
        lirc: fix do_install with multilib
        dleyna-{server,renderer}: fix dev-so QA issue with multilib
        libreport: add dependency on libarchive
        libxmlb: add missing dependency on glib-2.0 and xz
        geoclue: fix build without gobject-introspection-data
        appstream: fix build without gobject-introspection-data
        ostree: fix build without gobject-introspection-data
        rdfind: fix build with -Werror=return-type
        spice-gtk: respect gobject-introspection-data
        cpulimit: fix do_install with multilib
        libnfs: fix installed-vs-shipped issues with multilib
        btrfsmaintenance: install to ${datadir}/${BPN}
        libtomcrypt: pass LIBPATH to fix installed-vs-shipped with multilib
        nanopb: fix installed-vs-shipped with multilib
        nv-codec-headers: fix installed-vs-shipped with multilib
        zfs: fix installation paths for multilib

  Ming Liu (2):
        libusbgx: drop hard-coded /usr/bin,/etc
        libusbgx: check scripts in /etc/usbgx.d

  Mingli Yu (2):
        php: Link with libatomic on rv64
        minicoredumper: correct the sysvinit service file attribute

  Peter Marko (1):
        ntp: whitelist CVE-2019-11331

  Petr Gotthard (1):
        gensio: fix QA issue: non -staticdev package with .a libraries

  Valeria Petrov (1):
        apache2: upgrade 2.4.56 -> 2.4.57

  Virendra Thakur (2):
        p7zip: fix for CVE-2018-5996
        p7zip: Fix for CVE-2016-9296

  Wang Mingyu (6):
        redis: upgrade 7.0.10 -> 7.0.11
        hdf5: Fix install conflict when enable multilib.
        php: upgrade 8.2.4 -> 8.2.5
        postgresql: upgrade 15.2 -> 15.3
        php: upgrade 8.2.5 -> 8.2.6
        nautilus: upgrade 44.0 -> 44.1

  Yogita Urade (1):
        dlt-daemon: fix CVE-2023-26257

  schitrod=cisco.com@lists.openembedded.org (1):
        gnulib: Update recipe name to 2018-12-18

meta-security: 53c5cc794f..d7db0a3bd1:
  Peter Hoyes (1):
        meta-parsec/layer.conf: Insert addpylib declaration

meta-arm: 0b5724266a..8db460fa5d:
  Abdellatif El Khlifi (2):
        kas: corstone1000: set branches to mickledore
        arm-bsp/u-boot: corstone1000: upgrade NVMXIP support

  Emekcan Aras (3):
        arm-bsp/trusted-firmware-m: Align Capsule Update with GPT changes
        arm-bsp/wic: corstone1000: Fix and limit the partition size for corstone1000
        arm-bsp/u-boot: corstone1000: enable PSCI reset

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Id8a293d03f6c2320ff407a7aaed4416038ba04ed

1 files changed, 330 insertions, 0 deletions

diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.13/conf.patch
new file mode 100644
index 0000000000..aa3642acec
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bind/bind-9.18.13/conf.patch
@@ -0,0 +1,330 @@
+Upstream-Status: Inappropriate [configuration]
+
+the patch is imported from openembedded project
+
+11/30/2010 - Qing He <qing.he@intel.com>
+
+diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
+--- bind-9.3.1.orig/conf/db.0	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.0	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,12 @@
++;
++; BIND reverse data file for broadcast zone
++;
++$TTL	604800
++@	IN	SOA	localhost. root.localhost. (
++			      1		; Serial
++			 604800		; Refresh
++			  86400		; Retry
++			2419200		; Expire
++			 604800 )	; Negative Cache TTL
++;
++@	IN	NS	localhost.
+diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
+--- bind-9.3.1.orig/conf/db.127	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.127	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,13 @@
++;
++; BIND reverse data file for local loopback interface
++;
++$TTL	604800
++@	IN	SOA	localhost. root.localhost. (
++			      1		; Serial
++			 604800		; Refresh
++			  86400		; Retry
++			2419200		; Expire
++			 604800 )	; Negative Cache TTL
++;
++@	IN	NS	localhost.
++1.0.0	IN	PTR	localhost.
+diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
+--- bind-9.3.1.orig/conf/db.empty	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.empty	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,14 @@
++; BIND reverse data file for empty rfc1918 zone
++;
++; DO NOT EDIT THIS FILE - it is used for multiple zones.
++; Instead, copy it, edit named.conf, and use that copy.
++;
++$TTL	86400
++@	IN	SOA	localhost. root.localhost. (
++			      1		; Serial
++			 604800		; Refresh
++			  86400		; Retry
++			2419200		; Expire
++			  86400 )	; Negative Cache TTL
++;
++@	IN	NS	localhost.
+diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255
+--- bind-9.3.1.orig/conf/db.255	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.255	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,12 @@
++;
++; BIND reserve data file for broadcast zone
++;
++$TTL	604800
++@	IN	SOA	localhost. root.localhost. (
++			      1		; Serial
++			 604800		; Refresh
++			  86400		; Retry
++			2419200		; Expire
++			 604800 )	; Negative Cache TTL
++;
++@	IN	NS	localhost.
+diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
+--- bind-9.3.1.orig/conf/db.local	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.local	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,13 @@
++;
++; BIND data file for local loopback interface
++;
++$TTL	604800
++@	IN	SOA	localhost. root.localhost. (
++			      1		; Serial
++			 604800		; Refresh
++			  86400		; Retry
++			2419200		; Expire
++			 604800 )	; Negative Cache TTL
++;
++@	IN	NS	localhost.
++@	IN	A	127.0.0.1
+diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
+--- bind-9.3.1.orig/conf/db.root	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/db.root	2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,45 @@
++
++; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
++;; global options:  printcmd
++;; Got answer:
++;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
++;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
++
++;; QUESTION SECTION:
++;.				IN	NS
++
++;; ANSWER SECTION:
++.			518400	IN	NS	A.ROOT-SERVERS.NET.
++.			518400	IN	NS	B.ROOT-SERVERS.NET.
++.			518400	IN	NS	C.ROOT-SERVERS.NET.
++.			518400	IN	NS	D.ROOT-SERVERS.NET.
++.			518400	IN	NS	E.ROOT-SERVERS.NET.
++.			518400	IN	NS	F.ROOT-SERVERS.NET.
++.			518400	IN	NS	G.ROOT-SERVERS.NET.
++.			518400	IN	NS	H.ROOT-SERVERS.NET.
++.			518400	IN	NS	I.ROOT-SERVERS.NET.
++.			518400	IN	NS	J.ROOT-SERVERS.NET.
++.			518400	IN	NS	K.ROOT-SERVERS.NET.
++.			518400	IN	NS	L.ROOT-SERVERS.NET.
++.			518400	IN	NS	M.ROOT-SERVERS.NET.
++
++;; ADDITIONAL SECTION:
++A.ROOT-SERVERS.NET.	3600000	IN	A	198.41.0.4
++B.ROOT-SERVERS.NET.	3600000	IN	A	192.228.79.201
++C.ROOT-SERVERS.NET.	3600000	IN	A	192.33.4.12
++D.ROOT-SERVERS.NET.	3600000	IN	A	128.8.10.90
++E.ROOT-SERVERS.NET.	3600000	IN	A	192.203.230.10
++F.ROOT-SERVERS.NET.	3600000	IN	A	192.5.5.241
++G.ROOT-SERVERS.NET.	3600000	IN	A	192.112.36.4
++H.ROOT-SERVERS.NET.	3600000	IN	A	128.63.2.53
++I.ROOT-SERVERS.NET.	3600000	IN	A	192.36.148.17
++J.ROOT-SERVERS.NET.	3600000	IN	A	192.58.128.30
++K.ROOT-SERVERS.NET.	3600000	IN	A	193.0.14.129
++L.ROOT-SERVERS.NET.	3600000	IN	A	198.32.64.12
++M.ROOT-SERVERS.NET.	3600000	IN	A	202.12.27.33
++
++;; Query time: 81 msec
++;; SERVER: 198.41.0.4#53(a.root-servers.net.)
++;; WHEN: Sun Feb  1 11:27:14 2004
++;; MSG SIZE  rcvd: 436
++
+diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
+--- bind-9.3.1.orig/conf/named.conf	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/named.conf	2005-07-10 22:33:46.000000000 +0200
+@@ -0,0 +1,49 @@
++// This is the primary configuration file for the BIND DNS server named.
++//
++// If you are just adding zones, please do that in /etc/bind/named.conf.local
++
++include "/etc/bind/named.conf.options";
++
++// prime the server with knowledge of the root servers
++zone "." {
++	type hint;
++	file "/etc/bind/db.root";
++};
++
++// be authoritative for the localhost forward and reverse zones, and for
++// broadcast zones as per RFC 1912
++
++zone "localhost" {
++	type master;
++	file "/etc/bind/db.local";
++};
++
++zone "127.in-addr.arpa" {
++	type master;
++	file "/etc/bind/db.127";
++};
++
++zone "0.in-addr.arpa" {
++	type master;
++	file "/etc/bind/db.0";
++};
++
++zone "255.in-addr.arpa" {
++	type master;
++	file "/etc/bind/db.255";
++};
++
++// zone "com" { type delegation-only; };
++// zone "net" { type delegation-only; };
++
++// From the release notes:
++//  Because many of our users are uncomfortable receiving undelegated answers
++//  from root or top level domains, other than a few for whom that behaviour
++//  has been trusted and expected for quite some length of time, we have now
++//  introduced the "root-delegations-only" feature which applies delegation-only
++//  logic to all top level domains, and to the root domain.  An exception list
++//  should be specified, including "MUSEUM" and "DE", and any other top level
++//  domains from whom undelegated responses are expected and trusted.
++// root-delegation-only exclude { "DE"; "MUSEUM"; };
++
++include "/etc/bind/named.conf.local";
+diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
+--- bind-9.3.1.orig/conf/named.conf.local	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/named.conf.local	2005-07-10 22:14:06.000000000 +0200
+@@ -0,0 +1,8 @@
++//
++// Do any local configuration here
++//
++
++// Consider adding the 1918 zones here, if they are not used in your
++// organization
++//include "/etc/bind/zones.rfc1918";
++
+diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
+--- bind-9.3.1.orig/conf/named.conf.options	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/named.conf.options	2005-07-10 22:14:06.000000000 +0200
+@@ -0,0 +1,24 @@
++options {
++	directory "/var/cache/bind";
++
++	// If there is a firewall between you and nameservers you want
++	// to talk to, you might need to uncomment the query-source
++	// directive below.  Previous versions of BIND always asked
++	// questions using port 53, but BIND 8.1 and later use an unprivileged
++	// port by default.
++
++	// query-source address * port 53;
++
++	// If your ISP provided one or more IP addresses for stable 
++	// nameservers, you probably want to use them as forwarders.  
++	// Uncomment the following block, and insert the addresses replacing 
++	// the all-0's placeholder.
++
++	// forwarders {
++	// 	0.0.0.0;
++	// };
++
++	auth-nxdomain no;    # conform to RFC1035
++
++};
++
+diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
+--- bind-9.3.1.orig/conf/zones.rfc1918	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/conf/zones.rfc1918	2005-07-10 22:14:10.000000000 +0200
+@@ -0,0 +1,20 @@
++zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
++ 
++zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
++
++zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
+--- bind-9.3.1.orig/init.d	1970-01-01 01:00:00.000000000 +0100
++++ bind-9.3.1/init.d	2005-07-10 23:09:58.000000000 +0200
+@@ -0,0 +1,70 @@
++#!/bin/sh
++
++PATH=/sbin:/bin:/usr/sbin:/usr/bin
++
++# for a chrooted server: "-u bind -t /var/lib/named"
++# Don't modify this line, change or create /etc/default/bind9.
++OPTIONS=""
++
++test -f /etc/default/bind9 && . /etc/default/bind9
++
++test -x /usr/sbin/rndc || exit 0
++
++case "$1" in
++    start)
++	echo -n "Starting domain name service: named"
++
++	modprobe capability >/dev/null 2>&1 || true
++	if [ ! -f /etc/bind/rndc.key ]; then
++	    /usr/sbin/rndc-confgen -a -b 512
++	    chmod 0640 /etc/bind/rndc.key
++	fi
++	if [ -f /var/run/named/named.pid ]; then
++	    ps `cat /var/run/named/named.pid` > /dev/null && exit 1
++	fi
++
++	# dirs under /var/run can go away on reboots.
++	mkdir -p /var/run/named
++	mkdir -p /var/cache/bind
++	chmod 775 /var/run/named
++	chown root:bind /var/run/named >/dev/null 2>&1 || true
++
++	if [ ! -x /usr/sbin/named ]; then
++	    echo "named binary missing - not starting"
++	    exit 1
++	fi
++	if start-stop-daemon --start --quiet --exec /usr/sbin/named \
++		--pidfile /var/run/named/named.pid -- $OPTIONS; then
++	    if [ -x /sbin/resolvconf ] ; then
++		echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
++	    fi
++	fi
++	echo "."	
++    ;;
++
++    stop)
++	echo -n "Stopping domain name service: named"
++	if [ -x /sbin/resolvconf ]; then
++	    /sbin/resolvconf -d lo
++	fi
++	/usr/sbin/rndc stop >/dev/null 2>&1
++	echo "."	
++    ;;
++
++    reload)
++	/usr/sbin/rndc reload
++    ;;
++
++    restart|force-reload)
++	$0 stop
++	sleep 2
++	$0 start
++    ;;
++    
++    *)
++	echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
++	exit 1
++    ;;
++esac
++
++exit 0