Summary: | dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Ralf van der Enden <tremere> | ||||||
Component: | Individual Port(s) | Assignee: | Fernando Apesteguía <fernape> | ||||||
Status: | Closed FIXED | ||||||||
Severity: | Affects Many People | CC: | fernape, ports-secteam | ||||||
Priority: | --- | Keywords: | security | ||||||
Version: | Latest | Flags: | fernape:
merge-quarterly+
|
||||||
Hardware: | Any | ||||||||
OS: | Any | ||||||||
URL: | https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1 | ||||||||
Attachments: |
|
Created attachment 239659 [details]
Add entry to VuXML for PowerDNS Recursor
Thank you very much for the VuXML entry! A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=2c4784a7609ff0ef908af4e533c178ca3fa026d1 commit 2c4784a7609ff0ef908af4e533c178ca3fa026d1 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2023-01-23 17:07:40 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2023-01-24 06:43:57 +0000 dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617) ChangeLog: https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1 Avoid unbounded recursion when retrieving DS records from some misconfigured domains. PR: 269116 Reported by: tremere@cainites.net (maintainer) MFH: 2023Q1 (security fix) Security: CVE-2023-22617 dns/powerdns-recursor/Makefile | 3 +-- dns/powerdns-recursor/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) A commit in branch 2023Q1 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=08389f09e4b24c0ee05de9eabffa3eb9e45e392e commit 08389f09e4b24c0ee05de9eabffa3eb9e45e392e Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2023-01-23 17:07:40 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2023-01-24 06:45:55 +0000 dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617) ChangeLog: https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1 Avoid unbounded recursion when retrieving DS records from some misconfigured domains. PR: 269116 Reported by: tremere@cainites.net (maintainer) MFH: 2023Q1 (security fix) Security: CVE-2023-22617 (cherry picked from commit 2c4784a7609ff0ef908af4e533c178ca3fa026d1) dns/powerdns-recursor/Makefile | 2 +- dns/powerdns-recursor/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6ce46aad1724ae98a6aad1a9789389893eab4252 commit 6ce46aad1724ae98a6aad1a9789389893eab4252 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2023-01-23 17:12:27 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2023-01-24 06:46:41 +0000 security/vuxml: register dns/powerdns-recursor vulnerability CVE-2023-22617 PR: 269116 security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) Committed and merged to 2023Q1, Thanks! |
Created attachment 239658 [details] Update to PowerDNS Recursor 4.8.1 This release fixes CVE-2023-22617 (see URL) and only that. Q&A: poudriere: testport ok (13.1-RELEASE;amd64;) Makefile portclippy/portmft processed