Summary: | dns/powerdns-recursor: Upgrade to recent version (v4.0.4) - current(4.0.3) is vulnerable | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Dani I. <i.dani> | ||||
Component: | Individual Port(s) | Assignee: | Jason Unovitch <junovitch> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Many People | CC: | ghostonthewire, junovitch, ports-secteam, tremere | ||||
Priority: | --- | Keywords: | patch, patch-ready, security | ||||
Version: | Latest | Flags: | tremere:
maintainer-feedback+
junovitch: merge-quarterly+ |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Dani I.
2017-01-16 10:18:44 UTC
Created attachment 178975 [details] dns/powerdns-recursor: Update to version 4.0.4 dns/powerdns-recursor: Update to version 4.0.4 - Bump version to 4.0.4 - patch-lua-recursor4.cc is no longer needed [^1] - patch-mtasker__fcontext.cc is no longer needed [^2] - Adapt patches that are still relevant Has been built successfully on following versions: 10.2-RELEASE-p28/amd64 10.2-RELEASE-p28/i386 10.3-RELEASE-p15/amd64 10.3-RELEASE-p15/i386 11.0-RELEASE-p6/amd64 11.0-RELEASE-p6/i386 Full poudriere logs - https://gist.github.com/edfaf1d5c7b819e05397105f90b1a000 [^1]: https://github.com/PowerDNS/pdns/commit/f8a00d4 [^2]: https://github.com/PowerDNS/pdns/commit/b28b185, https://github.com/PowerDNS/pdns/commit/ddf6fa5 Looks good to me and can be committed. A commit references this bug: Author: junovitch Date: Wed Jan 18 11:22:48 UTC 2017 New revision: 431785 URL: https://svnweb.freebsd.org/changeset/ports/431785 Log: Document mulitiple PowerDNS vulnerabilities PR: 216135 PR: 216136 Reported by: Dani <i.dani@outlook.com> Security: CVE-2016-2120 Security: CVE-2016-7068 Security: CVE-2016-7072 Security: CVE-2016-7073 Security: CVE-2016-7074 Security: https://vuxml.FreeBSD.org/freebsd/e3200958-dd6c-11e6-ae1b-002590263bf5.html Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: junovitch Date: Wed Jan 18 11:24:41 UTC 2017 New revision: 431788 URL: https://svnweb.freebsd.org/changeset/ports/431788 Log: dns/powerdns-recursor: update 4.0.3 -> 4.0.4 Changes: https://doc.powerdns.com/md/changelog/#powerdns-recursor-404 PR: 216135 Reported by: Dani <i.dani@outlook.com> Submitted by: ghostonthewire@gmail.com Approved by: Ralf van der Enden <tremere@cainites.net> (maintainer) Security: CVE-2016-7068 Security: CVE-2016-7073 Security: CVE-2016-7074 Security: https://vuxml.FreeBSD.org/freebsd/e3200958-dd6c-11e6-ae1b-002590263bf5.html MFH: 2017Q1 Changes: head/dns/powerdns-recursor/Makefile head/dns/powerdns-recursor/distinfo head/dns/powerdns-recursor/files/extrapatch-setuid head/dns/powerdns-recursor/files/patch-dnsname.hh head/dns/powerdns-recursor/files/patch-lua-recursor4.cc head/dns/powerdns-recursor/files/patch-mtasker__fcontext.cc A commit references this bug: Author: junovitch Date: Wed Jan 18 11:25:18 UTC 2017 New revision: 431789 URL: https://svnweb.freebsd.org/changeset/ports/431789 Log: MFH: r431788 dns/powerdns-recursor: update 4.0.3 -> 4.0.4 Changes: https://doc.powerdns.com/md/changelog/#powerdns-recursor-404 PR: 216135 Reported by: Dani <i.dani@outlook.com> Submitted by: ghostonthewire@gmail.com Approved by: Ralf van der Enden <tremere@cainites.net> (maintainer) Approved by: ports-secteam (with hat) Security: CVE-2016-7068 Security: CVE-2016-7073 Security: CVE-2016-7074 Security: https://vuxml.FreeBSD.org/freebsd/e3200958-dd6c-11e6-ae1b-002590263bf5.html Changes: _U branches/2017Q1/ branches/2017Q1/dns/powerdns-recursor/Makefile branches/2017Q1/dns/powerdns-recursor/distinfo branches/2017Q1/dns/powerdns-recursor/files/extrapatch-setuid branches/2017Q1/dns/powerdns-recursor/files/patch-dnsname.hh branches/2017Q1/dns/powerdns-recursor/files/patch-lua-recursor4.cc branches/2017Q1/dns/powerdns-recursor/files/patch-mtasker__fcontext.cc To all involved for the initial report, the patch, and the maintainer approval; thanks! |