Bug 249560 - dns/powerdns: update to 4.3.1 (fixes 1 CVE)
Summary: dns/powerdns: update to 4.3.1 (fixes 1 CVE)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Kurt Jaeger
URL: https://doc.powerdns.com/authoritativ...
Keywords:
: 249561 (view as bug list)
Depends on:
Blocks:
 
Reported: 2020-09-24 07:06 UTC by Ralf van der Enden
Modified: 2020-09-30 07:49 UTC (History)
2 users (show)

See Also:


Attachments
Update to PowerDNS Auhoritative Server 4.3.1 (4.46 KB, patch)
2020-09-24 07:06 UTC, Ralf van der Enden
tremere: maintainer-approval+
Details | Diff
Security advisory for VuXML (1 CVE) (1.70 KB, patch)
2020-09-24 07:27 UTC, Ralf van der Enden
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ralf van der Enden 2020-09-24 07:06:40 UTC
Created attachment 218230 [details]
Update to PowerDNS Auhoritative Server 4.3.1

This release contains the fix for PowerDNS Security Advisory 2020-05 (CVE-2020-17482). More information can be found here: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
It also contains several other fixes and improvements:

Improvements:
- EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
- gpgsql: Reintroduce prepared statements
- gsqlite3backend: add missing indexes
- use real remote for supermaster createSlaveDomain()
- Optimize IXFR-to-AXFR fallback path
- Install bind SQL schema files as part of bindbackend
- Do not send out of zone lookups to the backends

Bug Fixes:
- Raise an exception on invalid hex content in unknown records.
- Handle the extra single-row result set of MySQL stored procedures


Lua(JIT) knobs are now the same as for dns/dnsdist and dns/powerdns-recursor
Comment 1 Ralf van der Enden 2020-09-24 07:27:30 UTC
Created attachment 218232 [details]
Security advisory for VuXML (1 CVE)
Comment 2 michael.glaus 2020-09-24 14:08:27 UTC
*** Bug 249561 has been marked as a duplicate of this bug. ***
Comment 3 Kurt Jaeger freebsd_committer 2020-09-28 09:37:45 UTC
testbuilds@work
Comment 4 commit-hook freebsd_committer 2020-09-28 09:43:02 UTC
A commit references this bug:

Author: pi
Date: Mon Sep 28 09:42:56 UTC 2020
New revision: 550413
URL: https://svnweb.freebsd.org/changeset/ports/550413

Log:
  security/vuxml: add entry dns/powerdns below 4.3.1

  - CVE-2020-17482

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net>
  Relnotes:	https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html

Changes:
  head/security/vuxml/vuln.xml
Comment 5 Kurt Jaeger freebsd_committer 2020-09-29 01:46:15 UTC
Committed, thanks!
Comment 6 commit-hook freebsd_committer 2020-09-29 01:46:45 UTC
A commit references this bug:

Author: pi
Date: Tue Sep 29 01:46:09 UTC 2020
New revision: 550465
URL: https://svnweb.freebsd.org/changeset/ports/550465

Log:
  dns/powerdns: update 4.3.0 -> 4.3.1

  Improvements:
  - EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
  - gpgsql: Reintroduce prepared statements
  - gsqlite3backend: add missing indexes
  - use real remote for supermaster createSlaveDomain()
  - Optimize IXFR-to-AXFR fallback path
  - Install bind SQL schema files as part of bindbackend
  - Do not send out of zone lookups to the backends

  Bug Fixes:
  - Raise an exception on invalid hex content in unknown records.
  - Handle the extra single-row result set of MySQL stored procedures

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	CVE-2020-17482
  		https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
  Relnotes:	https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1

Changes:
  head/dns/powerdns/Makefile
  head/dns/powerdns/distinfo
  head/dns/powerdns/pkg-descr
  head/dns/powerdns/pkg-plist
Comment 7 commit-hook freebsd_committer 2020-09-30 07:49:15 UTC
A commit references this bug:

Author: krion
Date: Wed Sep 30 07:49:08 UTC 2020
New revision: 550653
URL: https://svnweb.freebsd.org/changeset/ports/550653

Log:
  MFH: r550465

  dns/powerdns: update 4.3.0 -> 4.3.1

  Improvements:
  - EL8 pkgs: Build mysql backend against mariadb-connector-c-devel
  - gpgsql: Reintroduce prepared statements
  - gsqlite3backend: add missing indexes
  - use real remote for supermaster createSlaveDomain()
  - Optimize IXFR-to-AXFR fallback path
  - Install bind SQL schema files as part of bindbackend
  - Do not send out of zone lookups to the backends

  Bug Fixes:
  - Raise an exception on invalid hex content in unknown records.
  - Handle the extra single-row result set of MySQL stored procedures

  PR:		249560
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Security:	CVE-2020-17482
  		https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
  Relnotes:	https://doc.powerdns.com/authoritative/changelog/4.3.html#change-4.3.1

  Approved by:	ports-secteam (blanket)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/dns/powerdns/Makefile
  branches/2020Q3/dns/powerdns/distinfo
  branches/2020Q3/dns/powerdns/pkg-descr
  branches/2020Q3/dns/powerdns/pkg-plist