Bug 269116 - dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617)
Summary: dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Fernando Apesteguía
URL: https://docs.powerdns.com/recursor/ch...
Keywords: security
Depends on:
Blocks:
 
Reported: 2023-01-23 14:26 UTC by Ralf van der Enden
Modified: 2023-01-24 06:51 UTC (History)
2 users (show)

See Also:
fernape: merge-quarterly+


Attachments
Update to PowerDNS Recursor 4.8.1 (931 bytes, patch)
2023-01-23 14:26 UTC, Ralf van der Enden
tremere: maintainer-approval+
Details | Diff
Add entry to VuXML for PowerDNS Recursor (1.22 KB, patch)
2023-01-23 14:27 UTC, Ralf van der Enden
tremere: maintainer-approval?
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ralf van der Enden 2023-01-23 14:26:49 UTC
Created attachment 239658 [details]
Update to PowerDNS Recursor 4.8.1

This release fixes CVE-2023-22617 (see URL) and only that.

Q&A:
poudriere: testport ok (13.1-RELEASE;amd64;)
Makefile portclippy/portmft processed
Comment 1 Ralf van der Enden 2023-01-23 14:27:35 UTC
Created attachment 239659 [details]
Add entry to VuXML for PowerDNS Recursor
Comment 2 Fernando Apesteguía freebsd_committer 2023-01-23 17:17:53 UTC
Thank you very much for the VuXML entry!
Comment 3 commit-hook freebsd_committer 2023-01-24 06:49:12 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2c4784a7609ff0ef908af4e533c178ca3fa026d1

commit 2c4784a7609ff0ef908af4e533c178ca3fa026d1
Author:     Ralf van der Enden <tremere@cainites.net>
AuthorDate: 2023-01-23 17:07:40 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-24 06:43:57 +0000

    dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617)

    ChangeLog: https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1

    Avoid unbounded recursion when retrieving DS records from some misconfigured
    domains.

    PR:             269116
    Reported by:    tremere@cainites.net (maintainer)
    MFH:            2023Q1 (security fix)
    Security:       CVE-2023-22617

 dns/powerdns-recursor/Makefile | 3 +--
 dns/powerdns-recursor/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 4 commit-hook freebsd_committer 2023-01-24 06:50:13 UTC
A commit in branch 2023Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=08389f09e4b24c0ee05de9eabffa3eb9e45e392e

commit 08389f09e4b24c0ee05de9eabffa3eb9e45e392e
Author:     Ralf van der Enden <tremere@cainites.net>
AuthorDate: 2023-01-23 17:07:40 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-24 06:45:55 +0000

    dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617)

    ChangeLog: https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1

    Avoid unbounded recursion when retrieving DS records from some misconfigured
    domains.

    PR:             269116
    Reported by:    tremere@cainites.net (maintainer)
    MFH:            2023Q1 (security fix)
    Security:       CVE-2023-22617

    (cherry picked from commit 2c4784a7609ff0ef908af4e533c178ca3fa026d1)

 dns/powerdns-recursor/Makefile | 2 +-
 dns/powerdns-recursor/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 5 commit-hook freebsd_committer 2023-01-24 06:51:14 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6ce46aad1724ae98a6aad1a9789389893eab4252

commit 6ce46aad1724ae98a6aad1a9789389893eab4252
Author:     Ralf van der Enden <tremere@cainites.net>
AuthorDate: 2023-01-23 17:12:27 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-24 06:46:41 +0000

    security/vuxml: register dns/powerdns-recursor vulnerability

    CVE-2023-22617

    PR:     269116

 security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
Comment 6 Fernando Apesteguía freebsd_committer 2023-01-24 06:51:32 UTC
Committed and merged to 2023Q1,

Thanks!