Bug 249560

Summary:

dns/powerdns: update to 4.3.1 (fixes 1 CVE)

Product:

Ports & Packages

Reporter:

Ralf van der Enden <tremere>

Component:

Individual Port(s)

Assignee:

Kurt Jaeger <pi>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

michael.glaus, pi

Priority:

---

Version:

Latest

Hardware:

Any

OS:

Any

URL:

https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1

Attachments:

Description	Flags
Update to PowerDNS Auhoritative Server 4.3.1	tremere: maintainer-approval+
Security advisory for VuXML (1 CVE)	none

Description Ralf van der Enden 2020-09-24 07:06:40 UTC

Created attachment 218230 [details]
Update to PowerDNS Auhoritative Server 4.3.1

This release contains the fix for PowerDNS Security Advisory 2020-05 (CVE-2020-17482). More information can be found here: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
It also contains several other fixes and improvements:

Improvements:
- EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
- gpgsql: Reintroduce prepared statements
- gsqlite3backend: add missing indexes
- use real remote for supermaster createSlaveDomain()
- Optimize IXFR-to-AXFR fallback path
- Install bind SQL schema files as part of bindbackend
- Do not send out of zone lookups to the backends

Bug Fixes:
- Raise an exception on invalid hex content in unknown records.
- Handle the extra single-row result set of MySQL stored procedures


Lua(JIT) knobs are now the same as for dns/dnsdist and dns/powerdns-recursor

Comment 1 Ralf van der Enden 2020-09-24 07:27:30 UTC

Created attachment 218232 [details]
Security advisory for VuXML (1 CVE)

Comment 2 Michael Glaus 2020-09-24 14:08:27 UTC

*** Bug 249561 has been marked as a duplicate of this bug. ***

Comment 3 Kurt Jaeger freebsd_committer

2020-09-28 09:37:45 UTC

testbuilds@work

Comment 4 commit-hook freebsd_committer

2020-09-28 09:43:02 UTC

A commit references this bug:

Author: pi
Date: Mon Sep 28 09:42:56 UTC 2020
New revision: 550413
URL: https://svnweb.freebsd.org/changeset/ports/550413

Log:
  security/vuxml: add entry dns/powerdns below 4.3.1

  - CVE-2020-17482

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net>
  Relnotes:	https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html

Changes:
  head/security/vuxml/vuln.xml

Comment 5 Kurt Jaeger freebsd_committer

2020-09-29 01:46:15 UTC

Committed, thanks!

Comment 6 commit-hook freebsd_committer

2020-09-29 01:46:45 UTC

A commit references this bug:

Author: pi
Date: Tue Sep 29 01:46:09 UTC 2020
New revision: 550465
URL: https://svnweb.freebsd.org/changeset/ports/550465

Log:
  dns/powerdns: update 4.3.0 -> 4.3.1

  Improvements:
  - EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
  - gpgsql: Reintroduce prepared statements
  - gsqlite3backend: add missing indexes
  - use real remote for supermaster createSlaveDomain()
  - Optimize IXFR-to-AXFR fallback path
  - Install bind SQL schema files as part of bindbackend
  - Do not send out of zone lookups to the backends

  Bug Fixes:
  - Raise an exception on invalid hex content in unknown records.
  - Handle the extra single-row result set of MySQL stored procedures

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	CVE-2020-17482
  		https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
  Relnotes:	https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1

Changes:
  head/dns/powerdns/Makefile
  head/dns/powerdns/distinfo
  head/dns/powerdns/pkg-descr
  head/dns/powerdns/pkg-plist

Comment 7 commit-hook freebsd_committer

2020-09-30 07:49:15 UTC

A commit references this bug:

Author: krion
Date: Wed Sep 30 07:49:08 UTC 2020
New revision: 550653
URL: https://svnweb.freebsd.org/changeset/ports/550653

Log:
  MFH: r550465

  dns/powerdns: update 4.3.0 -> 4.3.1

  Improvements:
  - EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
  - gpgsql: Reintroduce prepared statements
  - gsqlite3backend: add missing indexes
  - use real remote for supermaster createSlaveDomain()
  - Optimize IXFR-to-AXFR fallback path
  - Install bind SQL schema files as part of bindbackend
  - Do not send out of zone lookups to the backends

  Bug Fixes:
  - Raise an exception on invalid hex content in unknown records.
  - Handle the extra single-row result set of MySQL stored procedures

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	CVE-2020-17482
  		https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
  Relnotes:	https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1

  Approved by:	ports-secteam (blanket)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/dns/powerdns/Makefile
  branches/2020Q3/dns/powerdns/distinfo
  branches/2020Q3/dns/powerdns/pkg-descr
  branches/2020Q3/dns/powerdns/pkg-plist