Bug 211854

Summary: dns/powerdns*: backport CVE-2016-6172 fix to 3.x series
Product: Ports & Packages Reporter: Jason Unovitch <junovitch>
Component: Individual Port(s)Assignee: Ports Security Team <ports-secteam>
Status: Closed Overcome By Events    
Severity: Affects Some People CC: tremere
Priority: --- Keywords: needs-patch, needs-qa, security
Version: LatestFlags: junovitch: merge-quarterly?
Hardware: Any   
OS: Any   

Description Jason Unovitch freebsd_committer freebsd_triage 2016-08-15 01:44:16 UTC 
As noted in bug 211147, there is an issue with specially crafted queries in PowerDNS that impact the older release.  We've just updated to the 4.x series but given the scope of that change open this to start tracking a backport of the pertinent fix to the older 3.x in quarterly.
Comment 1 Jason Unovitch freebsd_committer freebsd_triage 2016-08-15 01:45:38 UTC 
Add PowerDNS maintainer. Can you test the upstream change for this and give a thumbs up if QA checks out? It looks like https://github.com/PowerDNS/pdns/pull/4134/commits/a014f4c224a7b21f1c648257d1fd1128413129aa is the pertinent pull request.
Comment 2 Jason Unovitch freebsd_committer freebsd_triage 2016-11-27 03:32:37 UTC 
Sorry, this is overcome by events with the 4.x series on 2016Q4.