Full changelog: https://doc.powerdns.com/recursor/changelog/5.0.html#change-5.0.4 Q&A: poudriere: testport ok (14.0-RELEASE;amd64;) Makefile portclippy/portmft processed This release fixes the following CVE: CVE-2024-25583
Created attachment 250200 [details] Update PowerDNS Recursor to 5.0.4 (fixes CVE-2024-25583)
Created attachment 250202 [details] Add entry to VuXML for powerdns-recursor
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=9466b58e054bd1b86a4610a22cb7258f1567117c commit 9466b58e054bd1b86a4610a22cb7258f1567117c Author: Fernando Apesteguía <fernape@FreeBSD.org> AuthorDate: 2024-04-29 06:48:04 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-04-29 06:49:31 +0000 security/vuxml: Add powerdns-recursor DOS * CVE-2024-25583 A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected. PR: 278564 security/vuxml/vuln/2024.xml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=f6a57fcd8166af312bf8f3002253f0f0b8344875 commit f6a57fcd8166af312bf8f3002253f0f0b8344875 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2024-04-29 06:43:52 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-04-29 16:22:06 +0000 dns/powerdns-recursor: update to 5.0.4 (CVE-2024-25583) ChangeLog: https://blog.powerdns.com/2024/04/24/powerdns-recursor-4-8-8-4-9-5-5-0-4-released * Base Score: 7.5 HIGH * Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H PR: 278564 Reported by: tremere@cainites.net (maintainer) MFH: 2024Q2 (security fix) Security: CVE-2024-25583 dns/powerdns-recursor/Makefile | 2 +- dns/powerdns-recursor/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
A commit in branch 2024Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=aa8ab57da0b25ce2d03706e825e778a03ba17438 commit aa8ab57da0b25ce2d03706e825e778a03ba17438 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2024-04-29 06:43:52 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-04-29 16:24:23 +0000 dns/powerdns-recursor: update to 5.0.4 (CVE-2024-25583) ChangeLog: https://blog.powerdns.com/2024/04/24/powerdns-recursor-4-8-8-4-9-5-5-0-4-released * Base Score: 7.5 HIGH * Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H PR: 278564 Reported by: tremere@cainites.net (maintainer) MFH: 2024Q2 (security fix) Security: CVE-2024-25583 (cherry picked from commit f6a57fcd8166af312bf8f3002253f0f0b8344875) dns/powerdns-recursor/Makefile | 2 +- dns/powerdns-recursor/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Committed and merged to 2024Q2. Thanks!