Index: bin/named/unix/os.c
--- bin/named/unix/os.c.orig	2008-05-06 03:32:51 +0200
+++ bin/named/unix/os.c	2008-07-25 07:47:14 +0200
@@ -261,6 +261,13 @@
 	SET_CAP(CAP_SETGID);
 
 	/*
+	 * Since we call chown, we need this.
+	 */
+#if defined(CAP_CHOWN)
+	SET_CAP(CAP_CHOWN);
+#endif
+
+	/*
 	 * Without this, we run into problems reading a configuration file
 	 * owned by a non-root user and non-world-readable on startup.
 	 */

-----------------------------------------------------------------------------

As mentioned in http://article.gmane.org/gmane.network.dns.bind9.dlz/1900,
the '%' symbol is used to escape characters in LDAP URL's. This patch
replaces '%' with '$'. Without this patch BIND+dlz_ldap doesn't work.

As mentionned in http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/5a6cb9a54b56b199
"Assertion debug information" without this patch BIND+dlz crashes when
doing zone transfer request ("host -la domain server")

Index: contrib/dlz/drivers/sdlz_helper.c
--- contrib/dlz/drivers/sdlz_helper.c.orig	2005-09-05 02:10:57 +0200
+++ contrib/dlz/drivers/sdlz_helper.c	2008-11-26 20:46:52 +0100
@@ -166,12 +166,12 @@
 		ISC_LIST_APPEND(*tql, tseg, link);
 
 		/*
-		 * split string at the first "%". set query segment to
+		 * split string at the first "$". set query segment to
 		 * left portion
 		 */
 		tseg->sql = isc_mem_strdup(mctx,
 					   isc_string_separate(&right_str,
-							       "%"));
+							       "$"));
 		if (tseg->sql == NULL) {
 			/* no memory, clean everything up. */
 			result = ISC_R_NOMEMORY;
Index: bin/named/xfrout.c
--- bin/named/xfrout.c.orig	2008-04-03 08:20:33.000000000 +0200
+++ bin/named/xfrout.c	2008-11-27 08:58:20.000000000 +0100
@@ -1744,6 +1745,7 @@ xfrout_senddone(isc_task_t *task, isc_ev
 		sendstream(xfr);
 	} else {
 		/* End of zone transfer stream. */
+               if (xfr->zone != NULL)
 		inc_stats(xfr->zone, dns_nsstatscounter_xfrdone);
 		xfrout_log(xfr, ISC_LOG_INFO, "%s ended", xfr->mnemonic);
 		ns_client_next(xfr->client, ISC_R_SUCCESS);