Created attachment 206533 [details] Update to PowerDNS Auhoritative Server 4.1.13 4.1.13 changelog: The 4.1.12 release was skipped due to a packaging issue. This is a bugfix release for high traffic setups using the pipebackend or remotebackend. It contains the following changes: gpgsqlbackend: add missing schema file to Makefile (#8157) stop using select() in places where FDs can be >1023 (#8162) 4.1.11 changelog: This release contains the updated PostgreSQL schema for PowerDNS Security Advisory 2019-06 (CVE-2019-10203). Upgrading is not enough - you need to manually apply the schema change: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; ====== I've added a pkg-install file with a 10s delay which essentially says the same as mentioned in the 4.1.11 changelog. Since this is the first time a schema change is required to fix a security vulnerability I hope this is the best way to do it. If not... I'm ready to be educated :) ====== QA: portlint: OK (looks fine.) testport: OK (12.0, amd64)
Created attachment 207101 [details] Update to PowerDNS Authrotative Server 4.2.0
In the new patch I changed the delay from 10s to 5s.
testbuilds@work
A commit references this bug: Author: pi Date: Thu Sep 5 16:51:06 UTC 2019 New revision: 511195 URL: https://svnweb.freebsd.org/changeset/ports/511195 Log: dns/powerdns: upgrade 4.1.14 -> 4.2.0 - Please note: to fix CVE-2019-10203, upgrading is not enough Manually apply the schema change: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; PR: 239850 Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer) MFH: 2019Q3 Relnotes: https://doc.powerdns.com/authoritative/changelog/4.2.html http://blog.powerdns.com/2019/08/29/powerdns-authoritative-server-4-2-0/ Security: CVE-2019-10203 Changes: head/dns/powerdns/Makefile head/dns/powerdns/distinfo head/dns/powerdns/files/patch-pdns_dns__random.cc head/dns/powerdns/files/pdns.in head/dns/powerdns/files/pkg-message.in head/dns/powerdns/pkg-install head/dns/powerdns/pkg-plist
A commit references this bug: Author: krion Date: Wed Sep 25 13:43:24 UTC 2019 New revision: 512785 URL: https://svnweb.freebsd.org/changeset/ports/512785 Log: MFH: r511195 dns/powerdns: upgrade 4.1.14 -> 4.2.0 - Please note: to fix CVE-2019-10203, upgrading is not enough Manually apply the schema change: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; PR: 239850 Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer) Relnotes: https://doc.powerdns.com/authoritative/changelog/4.2.html http://blog.powerdns.com/2019/08/29/powerdns-authoritative-server-4-2-0/ Security: CVE-2019-10203 Approved by: ports-secteam (implicit) Changes: _U branches/2019Q3/ branches/2019Q3/dns/powerdns/Makefile branches/2019Q3/dns/powerdns/distinfo branches/2019Q3/dns/powerdns/files/patch-pdns_dns__random.cc branches/2019Q3/dns/powerdns/files/pdns.in branches/2019Q3/dns/powerdns/files/pkg-message.in branches/2019Q3/dns/powerdns/pkg-install branches/2019Q3/dns/powerdns/pkg-plist