Bug 238705

Summary: dns/powerdns: Update to 4.1.10 (Fixes security vulnerabilities)
Product: Ports & Packages Reporter: Ralf van der Enden <tremere>
Component: Individual Port(s)Assignee: Steve Wills <swills>
Status: Closed FIXED    
Severity: Affects Many People CC: i.dani, ports-secteam
Priority: Normal Keywords: security
Version: LatestFlags: swills: merge-quarterly+
Hardware: Any   
OS: Any   
URL: https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.10
Attachments:
Description Flags
Update to PowerDNS Authoritative Server 4.1.9
tremere: maintainer-approval+
Update to PowerDNS Authoritative Server 4.1.10
tremere: maintainer-approval+
Describe vulnerabilities for VuXML none

Description Ralf van der Enden 2019-06-19 12:19:05 UTC 
Created attachment 205219 [details]
Update to PowerDNS Authoritative Server 4.1.9

Changelog:
This maintenance release of the PowerDNS Authoritative Server has the following changes[1]:

- #7922: by popular demand, the option to disable superslave support has been backported from 4.2.0 to 4.1.9
- #7921: `pdnsutil b2b-migrate` would lose NSEC3 settings. This has been corrected now.

QA:
portlint: OK (looks fine.)
testport: OK (12.0, amd64, DOCS EXAMPLES LUAJIT MYSQL OPTALGO PGSQL PROTOBUF)
Comment 1 Ralf van der Enden 2019-06-19 12:21:20 UTC 
The Makefile has been formatted using ports-mgt/portfmt, which accounts for the additional changes in the diff
Comment 2 Ralf van der Enden 2019-06-21 11:31:34 UTC 
Created attachment 205258 [details]
Update to PowerDNS Authoritative Server 4.1.10


This release and 4.1.9 together fix the following security advisories:

PowerDNS Security Advisory 2019-04 (CVE-2019-10162)
PowerDNS Security Advisory 2019-05 (CVE-2019-10163)

Bug Fixes:
Do not exit on exception parsing names of name servers to notify.ΒΆ

QA:
portlint: OK (looks fine.)
testport: OK (12.0, amd64, DOCS EXAMPLES LUAJIT MYSQL OPTALGO PGSQL PROTOBUF)
Comment 3 Ralf van der Enden 2019-06-21 11:32:19 UTC 
Created attachment 205259 [details]
Describe vulnerabilities for VuXML
Comment 4 Dani I. 2019-06-24 09:31:32 UTC 
Could someone commit this please? :)
Comment 5 commit-hook freebsd_committer freebsd_triage 2019-06-30 20:39:32 UTC 
A commit references this bug:

Author: swills
Date: Sun Jun 30 20:39:27 UTC 2019
New revision: 505486
URL: https://svnweb.freebsd.org/changeset/ports/505486

Log:
  dns/powerdns: update to 4.1.10

  PR:		238705
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  MFH:		2019Q2
  Security:	1c21f6a3-9415-11e9-95ec-6805ca2fa271

Changes:
  head/dns/powerdns/Makefile
  head/dns/powerdns/distinfo
Comment 6 commit-hook freebsd_committer freebsd_triage 2019-06-30 20:45:42 UTC 
A commit references this bug:

Author: swills
Date: Sun Jun 30 20:45:24 UTC 2019
New revision: 505487
URL: https://svnweb.freebsd.org/changeset/ports/505487

Log:
  MFH: r499039 r505025 r505486

  dns/powerdns: update to 4.1.8

  PR:		236717
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

  Similar to r502813 for dns/powerdns-recursor, fix build on GCC-based
  systems:

    Don't add -L/usr/lib unconditionally, it makes gcc8 (used on GCC-based
    systems) link to base libstdc++.

  Given that this is a build fix that does not affect clang-based systems,
  there should be no need to bump portrevision.

  PR:		238742
  Reported by:	pkubaj
  Approved by:	maintainer

  dns/powerdns: update to 4.1.10

  PR:		238705
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	1c21f6a3-9415-11e9-95ec-6805ca2fa271

  Approved by:	ports-secteam (implicit)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/dns/powerdns/Makefile
  branches/2019Q2/dns/powerdns/distinfo
  branches/2019Q2/dns/powerdns/files/patch-configure
Comment 7 Steve Wills freebsd_committer freebsd_triage 2019-06-30 20:47:31 UTC 
Committed, thanks!
Comment 8 Steve Wills freebsd_committer freebsd_triage 2019-07-01 10:52:03 UTC 
Oops, committed the wrong patch.
Comment 9 commit-hook freebsd_committer freebsd_triage 2019-07-01 15:45:42 UTC 
A commit references this bug:

Author: swills
Date: Mon Jul  1 15:44:48 UTC 2019
New revision: 505605
URL: https://svnweb.freebsd.org/changeset/ports/505605

Log:
  dns/powerdns: Actually update to 4.1.10

  Previous update was old patch to 4.1.9

  PR:		238705
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  MFH:		2019Q2
  Security:	1c21f6a3-9415-11e9-95ec-6805ca2fa271

Changes:
  head/dns/powerdns/Makefile
  head/dns/powerdns/distinfo
Comment 10 commit-hook freebsd_committer freebsd_triage 2019-07-01 15:46:45 UTC 
A commit references this bug:

Author: swills
Date: Mon Jul  1 15:45:59 UTC 2019
New revision: 505606
URL: https://svnweb.freebsd.org/changeset/ports/505606

Log:
  MFH: r505605

  dns/powerdns: Actually update to 4.1.10

  Previous update was old patch to 4.1.9

  PR:		238705
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	1c21f6a3-9415-11e9-95ec-6805ca2fa271

  Approved by:	ports-secteam (implicit)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/dns/powerdns/Makefile
  branches/2019Q2/dns/powerdns/distinfo
Comment 11 Steve Wills freebsd_committer freebsd_triage 2019-07-01 15:47:12 UTC 
Committed, thanks!